Hi tech@
This is the last spamd* utility that I still didn't touch, but it seems to be
fairly easy to pledge.
After privdrop, and before the program loop (pcap_loop(3) in this case) check if
syncsend is used (daemon was started with -Y argument), then pledge for rpath,
wpath and flock in order to update the DB (/var/db/spamd) and inet to
sendmsg(2) to the sync'ed host(s). If syncsend is NULL then it just needs to
update the DB, and therefore doesn't need inet.
For the interested, I caught the 2 codepaths like this
1) pcap_loop(3) -> pcap_read -> logpkt_handler -> dbupdate -> sync_addr ->
sync_send -> sendmsg(2)
2) pcap_loop -> pcap_read -> logpkt_handler -> dbupdate
Index: spamlogd.c
===================================================================
RCS file: /cvs/src/libexec/spamlogd/spamlogd.c,v
retrieving revision 1.25
diff -u -p -u -r1.25 spamlogd.c
--- spamlogd.c 21 Jan 2015 21:50:33 -0000 1.25
+++ spamlogd.c 8 Dec 2015 09:05:17 -0000
@@ -374,6 +374,14 @@ main(int argc, char **argv)
openlog_r("spamlogd", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata);
}
+ if (syncsend) {
+ if (pledge("stdio rpath wpath inet flock", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (pledge("stdio rpath wpath flock", NULL) == -1)
+ err(1, "pledge");
+ }
+
pcap_loop(hpcap, -1, phandler, NULL);
logmsg(LOG_NOTICE, "exiting");
