2 files changed, 4 insertions, 16 deletions

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index b7ca1e8cd95..0e4b320605d 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.104 2015/11/04 21:24:23 tedu Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.105 2015/11/05 15:10:11 semarie Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -599,18 +599,6 @@ pledge_namei(struct proc *p, struct nameidata *ni, char *origpath)
 	if (error)
 		return (pledge_fail(p, error, 0));
 
-	/* Blacklisted paths */
-	switch (p->p_pledge_syscall) {
-	case SYS_stat:
-	case SYS_lstat:
-	case SYS_fstatat:
-	case SYS_fstat:
-		break;
-	default:
-		if (strcmp(path, "/etc/spwd.db") == 0)
-			return (EPERM);
-	}
-
 	/* Detect what looks like a mkstemp(3) family operation */
 	if ((p->p_p->ps_pledge & PLEDGE_TMPPATH) &&
 	    (p->p_pledge_syscall == SYS_open) &&
@@ -653,6 +641,8 @@ pledge_namei(struct proc *p, struct nameidata *ni, char *origpath)
 		/* getpw* and friends need a few files */
 		if ((ni->ni_pledge == PLEDGE_RPATH) &&
 		    (p->p_p->ps_pledge & PLEDGE_GETPW)) {
+			if (strcmp(path, "/etc/spwd.db") == 0)
+				return (EPERM); /* don't call pledge_fail */
 			if (strcmp(path, "/etc/pwd.db") == 0)
 				return (0);
 			if (strcmp(path, "/etc/group") == 0)
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c
index c1a2c76f831..35648a44721 100644
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pwd_mkdb.c,v 1.52 2015/11/05 13:48:51 semarie Exp $	*/
+/*	$OpenBSD: pwd_mkdb.c,v 1.53 2015/11/05 15:10:11 semarie Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993, 1994
@@ -233,10 +233,8 @@ main(int argc, char **argv)
 		warn("%s: unable to make group readable", _PATH_SMP_DB);
 	clean |= FILE_SECURE;
 
-#if 0
 	if (pledge("stdio rpath wpath cpath getpw fattr flock", NULL) == -1)
 		err(1, "pledge");
-#endif
 
 	/* Open the temporary insecure password database. */
 	if (!secureonly) {