mirror of
https://github.com/openbsd/src.git
synced 2024-12-22 16:42:56 -08:00
Pledge the syslogd privsep process with "stdio rpath wpath cpath
inet dns getpw sendfd proc exec". OK deraadt@
This commit is contained in:
parent
e024fcb2a9
commit
c9ec0abe94
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: privsep.c,v 1.56 2015/10/15 20:26:47 bluhm Exp $ */
|
||||
/* $OpenBSD: privsep.c,v 1.57 2015/10/16 16:10:10 bluhm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org>
|
||||
@ -144,6 +144,10 @@ priv_init(char *conf, int numeric, int lockfd, int nullfd, char *argv[])
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (pledge("stdio rpath wpath cpath inet dns getpw sendfd proc exec",
|
||||
NULL) == -1)
|
||||
err(1, "pledge priv");
|
||||
|
||||
if (!Debug) {
|
||||
close(lockfd);
|
||||
dup2(nullfd, STDIN_FILENO);
|
||||
|
Loading…
Reference in New Issue
Block a user