diff options
author | 2015-10-19 22:07:37 +0000 | |
---|---|---|
committer | 2015-10-19 22:07:37 +0000 | |
commit | 04581dc7e9c35986b7de49e3b45046beb7d6de8f (patch) | |
tree | f5febaf90daf15ba14630b60074029b425389559 /usr.sbin/radiusd/radiusd_radius.c | |
parent | break long lines in examples; ok jmc@ (diff) | |
download | wireguard-openbsd-04581dc7e9c35986b7de49e3b45046beb7d6de8f.tar.xz wireguard-openbsd-04581dc7e9c35986b7de49e3b45046beb7d6de8f.zip |
Add pledge(2) for radiusctl(8) and radiusd(8).
- radiusd: "stdio inet"
- radiusd_radius: "stdio inet"
- radiusd_bsdauth:
- "stdio proc" for the non-priviledged process
- "stdio getpw rpath proc exec" for the priviledged process
- radiusctl: "stdio dns inet"
"go ahead" deraadt
Diffstat (limited to 'usr.sbin/radiusd/radiusd_radius.c')
-rw-r--r-- | usr.sbin/radiusd/radiusd_radius.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/radiusd/radiusd_radius.c b/usr.sbin/radiusd/radiusd_radius.c index 1e8269844f8..88590ff08a3 100644 --- a/usr.sbin/radiusd/radiusd_radius.c +++ b/usr.sbin/radiusd/radiusd_radius.c @@ -1,4 +1,4 @@ -/* $OpenBSD: radiusd_radius.c,v 1.7 2015/08/02 21:27:27 yasuoka Exp $ */ +/* $OpenBSD: radiusd_radius.c,v 1.8 2015/10/19 22:07:37 yasuoka Exp $ */ /* * Copyright (c) 2013 Internet Initiative Japan Inc. @@ -129,6 +129,8 @@ main(int argc, char *argv[]) module_load(module_radius.base); log_init(0); event_init(); + if (pledge("stdio inet", NULL) == -1) + err(EXIT_FAILURE, "pledge"); module_start(module_radius.base); event_loop(0); |