diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-13 15:55:44 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-13 15:55:44 +0000 |
| commit | f3eda427c674c9e34d70bbfd1b7ee86f93275be0 (patch) | |
| tree | a659852154b9072f50659c9c0ee92b4bd41abe50 /usr.sbin/kvm_mkdb/kvm_mkdb.c | |
| parent | Reduce the amount of code by moving the three copies of the ohash (diff) | |
| download | wireguard-openbsd-f3eda427c674c9e34d70bbfd1b7ee86f93275be0.tar.xz wireguard-openbsd-f3eda427c674c9e34d70bbfd1b7ee86f93275be0.zip | |
semarie points out i am already forgetting the rules are very tight around
*chown, even "proc fattr" won't let you do such a job. remove early pledge(),
only leave call after fchown, before when symbol table work gets done.
Diffstat (limited to 'usr.sbin/kvm_mkdb/kvm_mkdb.c')
| -rw-r--r-- | usr.sbin/kvm_mkdb/kvm_mkdb.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/usr.sbin/kvm_mkdb/kvm_mkdb.c b/usr.sbin/kvm_mkdb/kvm_mkdb.c index 6fc60649ff1..eff6a7b44ab 100644 --- a/usr.sbin/kvm_mkdb/kvm_mkdb.c +++ b/usr.sbin/kvm_mkdb/kvm_mkdb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kvm_mkdb.c,v 1.22 2015/10/13 15:43:19 deraadt Exp $ */ +/* $OpenBSD: kvm_mkdb.c,v 1.23 2015/10/13 15:55:44 deraadt Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -75,10 +75,6 @@ main(int argc, char *argv[]) warn("can't set rlimit data size"); } - /* getpwnam() and fchown() later */ - if (pledge("stdio rpath wpath cpath getpw fattr proc", NULL) == -1) - err(1, "pledge"); - strlcpy(dbdir, _PATH_VARDB, sizeof(dbdir)); while ((ch = getopt(argc, argv, "vo:")) != -1) switch (ch) { @@ -174,7 +170,7 @@ kvm_mkdb(int fd, const char *dbdir, char *nlistpath, char *nlistname, } /* rename() later */ - if (pledge("stdio cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) err(1, "pledge"); if (create_knlist(nlistpath, fd, db) != 0) { |