diff options
| author |   schwarze <schwarze@openbsd.org> | 2017-02-22 16:16:35 +0000 |
|---|---|---|
| committer | schwarze <schwarze@openbsd.org> | 2017-02-22 16:16:35 +0000 |
| commit | f80eb964fcc31588c58967c68ad85f5c026b5cd8 (patch) | |
| tree | e44efc00166fe2f2b928a9a7e0908b5dcb54f857 /usr.bin/mandoc/cgi.c | |
| parent | Amend a misleading comment mentioning ``ipintrq''. (diff) | |
| download | wireguard-openbsd-f80eb964fcc31588c58967c68ad85f5c026b5cd8.tar.xz wireguard-openbsd-f80eb964fcc31588c58967c68ad85f5c026b5cd8.zip | |
Pledge man.cgi(8).
Based on a more complicated patch from semarie@.
Sebastien and tb@ both agree with the simplification.
Diffstat (limited to 'usr.bin/mandoc/cgi.c')
| -rw-r--r-- | usr.bin/mandoc/cgi.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/usr.bin/mandoc/cgi.c b/usr.bin/mandoc/cgi.c index d526e243bdd..6122481834d 100644 --- a/usr.bin/mandoc/cgi.c +++ b/usr.bin/mandoc/cgi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cgi.c,v 1.85 2017/01/25 03:19:56 deraadt Exp $ */ +/* $OpenBSD: cgi.c,v 1.86 2017/02/22 16:16:35 schwarze Exp $ */ /* * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2014, 2015, 2016, 2017 Ingo Schwarze <schwarze@usta.de> @@ -974,6 +974,20 @@ main(void) const char *querystring; int i; + /* + * The "rpath" pledge could be revoked after mparse_readfd() + * if the file desciptor to "/footer.html" would be opened + * up front, but it's probably not worth the complication + * of the code it would cause: it would require scattering + * pledge() calls in multiple low-level resp_*() functions. + */ + + if (pledge("stdio rpath", NULL) == -1) { + warn("pledge"); + pg_error_internal(); + return EXIT_FAILURE; + } + /* Poor man's ReDoS mitigation. */ itimer.it_value.tv_sec = 2; |