On Wed, Oct 04 2017, Sebastian Benoit wrote:
> i'm not sure that pledge there is correct.
>
> spawn() gets calles from gettcp() which gets called from the main event
> loop, and directly from the event loop.
>
> The pledge here might be a convenient place to reduce pledges after the
> initializati
i'm not sure that pledge there is correct.
spawn() gets calles from gettcp() which gets called from the main event
loop, and directly from the event loop.
The pledge here might be a convenient place to reduce pledges after the
initialization phase?
It takes away the "cpath dns unix" pledges. Now
When inetd listens on a unix domain socket AND at least one process
connects to that socket, then when inetd shuts down it tries to
unlink the socket and aborts because it lacks pledge("cpath").
Repro steps:
# echo '/tmp/test.sock stream unix nowait nobody /usr/bin/true true'
>>inetd.conf
# /usr/
