diff options
author | deraadt <deraadt@openbsd.org> | 2015-11-14 04:02:32 +0000 |
---|---|---|
committer | deraadt <deraadt@openbsd.org> | 2015-11-14 04:02:32 +0000 |
commit | 1179e37d35a23a53bda10c434ed969edd8e50060 (patch) | |
tree | fa9a03b31a1bbc8881846127804a0f37bf616cdd /usr.sbin/tftp-proxy | |
parent | update the NAME section; ok nicm schwarze (diff) | |
download | wireguard-openbsd-1179e37d35a23a53bda10c434ed969edd8e50060.tar.xz wireguard-openbsd-1179e37d35a23a53bda10c434ed969edd8e50060.zip |
pledge "stdio inet sendfd" before entering main loop in network speaking
child. (All those I asked to test timed out before commit, so now they
get to test for real...)
Diffstat (limited to 'usr.sbin/tftp-proxy')
-rw-r--r-- | usr.sbin/tftp-proxy/tftp-proxy.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.sbin/tftp-proxy/tftp-proxy.c b/usr.sbin/tftp-proxy/tftp-proxy.c index 4bb547ecf93..aa8b311dfb9 100644 --- a/usr.sbin/tftp-proxy/tftp-proxy.c +++ b/usr.sbin/tftp-proxy/tftp-proxy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tftp-proxy.c,v 1.14 2015/11/12 20:55:49 deraadt Exp $ +/* $OpenBSD: tftp-proxy.c,v 1.15 2015/11/14 04:02:32 deraadt Exp $ * * Copyright (c) 2005 DLS Internet Services * Copyright (c) 2004, 2005 Camiel Dobbelaar, <cd@sentia.nl> @@ -374,6 +374,9 @@ proxy_privproc(int s, struct passwd *pw) setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid)) lerr(1, "unable to set group ids"); + if (pledge("stdio inet sendfd", NULL) == -1) + err(1, "pledge"); + TAILQ_INIT(&p.replies); p.buf = evbuffer_new(); |