CVSROOT: /cvs Module name: src Changes by: mes...@cvs.openbsd.org 2019/07/11 00:55:02
Modified files: sbin/dhclient : dhclient.c Log message: The privileged process of dhclient(8) runs several ioctl(2)s that are forbidden by pledge(2) and therefore we cannot add it here. Instead we can restrict the filesystem access to only two files, mentioned below, via unveil(2). - /etc/resolv.conf -> write/create permissions - /etc/resolv.conf.tail -> read permissions OK brynet@ deraadt@ kn@ krw@ left the decision to other people who understand unveil(2)