diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-11-16 18:37:30 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-11-16 18:37:30 +0000 |
| commit | ae7aa16a6a9d651ae02b998a5cb1adbcc3159ba3 (patch) | |
| tree | 0f1db69ed1b11dc58a793d1763df05c01a626ad7 /libexec/getty | |
| parent | initially, pledge "stdio rpath wpath cpath getpw tty id proc exec", yes (diff) | |
| download | wireguard-openbsd-ae7aa16a6a9d651ae02b998a5cb1adbcc3159ba3.tar.xz wireguard-openbsd-ae7aa16a6a9d651ae02b998a5cb1adbcc3159ba3.zip | |
Observe that FIOASYNC clearing for stdin is only done in the case where
getty receives the fd from init, so hoist it upwards. Since revoke(2)
is now allowed by pledge "rpath tty", the pledges can be hoisted much
higher.
ok millert semarie tedu guenther
Diffstat (limited to 'libexec/getty')
| -rw-r--r-- | libexec/getty/main.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/libexec/getty/main.c b/libexec/getty/main.c index e0f641aa85e..bcc455ab888 100644 --- a/libexec/getty/main.c +++ b/libexec/getty/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.40 2015/11/06 16:42:30 tedu Exp $ */ +/* $OpenBSD: main.c,v 1.41 2015/11/16 18:37:30 deraadt Exp $ */ /*- * Copyright (c) 1980, 1993 @@ -168,6 +168,13 @@ main(int argc, char *argv[]) limit.rlim_cur = GETTY_TIMEOUT; (void)setrlimit(RLIMIT_CPU, &limit); + ioctl(0, FIOASYNC, &off); /* turn off async mode */ + + if (pledge("stdio rpath wpath fattr proc exec tty", NULL) == -1) { + syslog(LOG_ERR, "pledge: %m"); + exit(1); + } + /* * The following is a work around for vhangup interactions * which cause great problems getting window systems started. @@ -210,9 +217,8 @@ main(int argc, char *argv[]) login_tty(i); } } - ioctl(0, FIOASYNC, &off); /* turn off async mode */ - if (pledge("stdio rpath fattr proc exec tty", NULL) == -1) { + if (pledge("stdio rpath proc exec tty", NULL) == -1) { syslog(LOG_ERR, "pledge: %m"); exit(1); } |