From 4763032430834ff1d7dfe4293826cf845a71b990 Mon Sep 17 00:00:00 2001
From: Tim Kuijsten <info+git@netsend.nl>
Date: Thu, 21 Nov 2019 02:15:41 +0100
Subject: pledge(2) all programs

All programs except mshow have a very tight set of promises. mshow
has a broad set of promises and might be a good future candidate
to further restrict using unveil(2).

This patch is based on commit 0300a112 by Alex Holst (dated
2017-12-07), which was proposed in GH PR #79.

* pledged mpick, mflow and mdate so that now all programs are pledged
* removed some unneeded promises and added some missing promises
* move err.h include and OpenBSD ifdef into a new xpledge.h
* cleaned up code aligning and whitespace

Closes: #179 [via git-merge-pr]
---
 mpick.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'mpick.c')

diff --git a/mpick.c b/mpick.c
index bff0cc3..93bbafb 100644
--- a/mpick.c
+++ b/mpick.c
@@ -43,6 +43,7 @@
 #include <wchar.h>
 
 #include "blaze822.h"
+#include "xpledge.h"
 
 enum op {
 	EXPR_OR = 1,
@@ -1463,6 +1464,8 @@ main(int argc, char *argv[])
 			exit(1);
 		}
 
+	xpledge("stdio rpath", "");
+
 	void *cb = need_thr ? collect : oneline;
 	if (argc == optind && isatty(0))
 		i = blaze822_loop1(":", cb);
-- 
cgit 1.4.1