diff options
author | 2015-11-29 14:51:35 +0000 | |
---|---|---|
committer | 2015-11-29 14:51:35 +0000 | |
commit | 0df36d49693ea2f079144b049c509c5b236482ba (patch) | |
tree | dc61f122e8bab74566c05eeb61d6c3b08daffdd8 /usr.bin/skeyinit | |
parent | Remove useless getpwnam() call after getpwuid(). Noticed by deraadt@ (diff) | |
download | wireguard-openbsd-0df36d49693ea2f079144b049c509c5b236482ba.tar.xz wireguard-openbsd-0df36d49693ea2f079144b049c509c5b236482ba.zip |
Drop pledge proc exec getpw after authenticating.
Diffstat (limited to 'usr.bin/skeyinit')
-rw-r--r-- | usr.bin/skeyinit/skeyinit.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c index d552f620721..c63bb5fd65f 100644 --- a/usr.bin/skeyinit/skeyinit.c +++ b/usr.bin/skeyinit/skeyinit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: skeyinit.c,v 1.66 2015/11/29 14:44:20 millert Exp $ */ +/* $OpenBSD: skeyinit.c,v 1.67 2015/11/29 14:51:35 millert Exp $ */ /* OpenBSD S/Key (skeyinit.c) * @@ -55,7 +55,7 @@ main(int argc, char **argv) struct skey skey; struct passwd *pp; - if (pledge("stdio rpath wpath cpath fattr flock tty proc exec", NULL) == -1) + if (pledge("stdio rpath wpath cpath fattr flock tty proc exec getpw", NULL) == -1) err(1, "pledge"); n = rmkey = hexmode = enable = 0; @@ -185,6 +185,9 @@ main(int argc, char **argv) errx(1, "Password incorrect"); } + if (pledge("stdio rpath wpath cpath fattr flock tty", NULL) == -1) + err(1, "pledge"); + /* * Lookup and lock the record we are about to modify. * If this is a new entry this will prevent other users |