diff options
| author |   benno <benno@openbsd.org> | 2015-11-13 19:37:20 +0000 |
|---|---|---|
| committer | benno <benno@openbsd.org> | 2015-11-13 19:37:20 +0000 |
| commit | c60600c6d482521ed65f53bcc5dcb06de89d1e58 (patch) | |
| tree | 1bd73534268a7b1c06e19380c595a939d54dba73 /usr.bin/tcpbench/tcpbench.c | |
| parent | remove -d from SYNOPSIS; (diff) | |
| download | wireguard-openbsd-c60600c6d482521ed65f53bcc5dcb06de89d1e58.tar.xz wireguard-openbsd-c60600c6d482521ed65f53bcc5dcb06de89d1e58.zip | |
pledge tcpbench, from David Hill, tweaked the -s case.
ok deraadt@
Diffstat (limited to 'usr.bin/tcpbench/tcpbench.c')
| -rw-r--r-- | usr.bin/tcpbench/tcpbench.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/usr.bin/tcpbench/tcpbench.c b/usr.bin/tcpbench/tcpbench.c index 6bd2027296e..1e1d5ece203 100644 --- a/usr.bin/tcpbench/tcpbench.c +++ b/usr.bin/tcpbench/tcpbench.c @@ -986,8 +986,6 @@ quit(int sig, short event, void *arg) int main(int argc, char **argv) { - extern int optind; - extern char *optarg; struct timeval tv; unsigned int secs, rtable; @@ -1108,6 +1106,9 @@ main(int argc, char **argv) } } + if (pledge("stdio rpath dns inet id proc", NULL) == -1) + err(1, "pledge"); + argv += optind; argc -= optind; if ((argc != (ptb->sflag ? 0 : 1)) || @@ -1125,6 +1126,9 @@ main(int argc, char **argv) } else drop_gid(); + if (pledge("stdio id dns inet", NULL) == -1) + err(1, "pledge"); + if (!ptb->sflag) host = argv[0]; /* @@ -1169,6 +1173,9 @@ main(int argc, char **argv) errx(1, "getaddrinfo: %s", gai_strerror(herr)); } + if (pledge("stdio id inet", NULL) == -1) + err(1, "pledge"); + if (getrlimit(RLIMIT_NOFILE, &rl) == -1) err(1, "getrlimit"); if (rl.rlim_cur < MAX_FD) @@ -1177,7 +1184,10 @@ main(int argc, char **argv) err(1, "setrlimit"); if (getrlimit(RLIMIT_NOFILE, &rl) == -1) err(1, "getrlimit"); - + + if (pledge("stdio inet", NULL) == -1) + err(1, "pledge"); + /* Init world */ TAILQ_INIT(&sc_queue); if ((ptb->dummybuf = malloc(ptb->dummybuf_len)) == NULL) @@ -1215,8 +1225,11 @@ main(int argc, char **argv) evtimer_add(&ev_progtimer, &tv); } client_init(aitop, nconn, udp_sc, aib); + + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); } - + /* libevent main loop*/ event_dispatch(); |