pledge(2) tokenadm(8): it needs "rpath wpath cpath fattr flock" for operations

on the DB files and before that it also needs "getpw" due to calling getgrnam(3) to get the group (TOKEN_GROUP). This was OK bluhm@ and also with a slightly tweak sugested from him
author: mestre <mestre@openbsd.org> 2015-12-30 12:27:18 +0000
committer: mestre <mestre@openbsd.org> 2015-12-30 12:27:18 +0000
commit: 0ef08ec470e484b7b6a1ae9585f16214069648fe (patch)
tree: 40004e1b8394b67b160bd338308aea2f4b8e0622 /usr.sbin/tokenadm
parent: now that ibuf_free() checks for null, we can remove the check here. (diff)
download: wireguard-openbsd-0ef08ec470e484b7b6a1ae9585f16214069648fe.tar.xz
wireguard-openbsd-0ef08ec470e484b7b6a1ae9585f16214069648fe.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.sbin/tokenadm/tokenadm.c b/usr.sbin/tokenadm/tokenadm.c
index 6bdde8f9bab..b9ce29e0758 100644
--- a/usr.sbin/tokenadm/tokenadm.c
+++ b/usr.sbin/tokenadm/tokenadm.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tokenadm.c,v 1.10 2015/01/16 06:40:22 deraadt Exp $	*/
+/*	$OpenBSD: tokenadm.c,v 1.11 2015/12/30 12:27:18 mestre Exp $	*/
 
 /*-
  * Copyright (c) 1995 Migration Associates Corp. All Rights Reserved
@@ -103,6 +103,9 @@ main(int argc, char **argv)
 	if (setrlimit(RLIMIT_CORE, &cds) < 0)
 		syslog(LOG_ERR, "couldn't set core dump size to 0: %m");
 
+	if (pledge("stdio rpath wpath cpath fattr flock getpw", NULL) == -1)
+		err(1, "pledge");
+
 	while ((c = getopt(argc, argv, "BDERT1dem:r")) != -1)
 		switch (c) {
 		case 'B':
author	mestre <mestre@openbsd.org>	2015-12-30 12:27:18 +0000
committer	mestre <mestre@openbsd.org>	2015-12-30 12:27:18 +0000
commit	0ef08ec470e484b7b6a1ae9585f16214069648fe (patch)
tree	40004e1b8394b67b160bd338308aea2f4b8e0622 /usr.sbin/tokenadm
parent	now that ibuf_free() checks for null, we can remove the check here. (diff)
download	wireguard-openbsd-0ef08ec470e484b7b6a1ae9585f16214069648fe.tar.xz wireguard-openbsd-0ef08ec470e484b7b6a1ae9585f16214069648fe.zip