On Thu, Jan 28, 2016 at 10:15:53PM -0500, Daniel Dickman wrote: > On Thu, Jan 28, 2016 at 10:11 PM, Daniel Dickman <didick...@gmail.com> wrote: > > On Thu, Jan 28, 2016 at 12:51 PM, Frederic Cambus <f...@statdns.com> wrote: > >> Hi ports@, > >> > >> This diff adds support for pledge() to the current Lynx version. > >> > >> + > >> ++ if (pledge("stdio tty cpath rpath wpath dns inet proc exec", NULL) > >> == -1) { > >> ++ err(EXIT_FAILURE, "pledge"); > >> ++ } > >> ++ > > > > i have ioctl in my local patch. is it not needed?
probably not. a quick grep only shows TIOCGWINSZ (which needs pledge "tty") and FIONBIO ioctl calls. pledge ioctl in interactive programs is usually a hint that "tty" was forgotten in earlier attempts with too tight pledges.

> > is it possible to get rid of proc exec? I didn't add them on my end...

there are shell escapes, so they are probably needed. I don't really use lynx myself, but it seems to me that it's worth investigating tighter pledges conditionally on various "lynx -restriction=..." options (hopefully those can't be changed at runtime).

> Also should it call "err" or "exit_immediately" on failure?

I agree that the latter looks like the right way to go.
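
Review bot: The promise string in the pledge() call, "stdio tty cpath rpath wpath dns inet proc exec", is broad and has no comment saying which Lynx feature needs each promise; "proc exec" in particular keeps fork and exec available for the whole run. A short comment above the call mapping each promise to the feature that needs it would help, and, as raised in the thread, a tighter set could be pledged when shell escapes are disabled through a restriction option. The failure branch calls err(EXIT_FAILURE, "pledge"); if terminal state is already set up at that point, the program's own exit routine (exit_immediately is the one named in the thread) would be the safer call.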