Please disregard this for now, -m (extended permissions) won't work this way
Thanks for the tip tb@ On 18:33 Sat 26 Dec , Ricardo Mestre wrote: > Or even better keep the #ifndef since mknod(8) already has dpath annotation: > > Index: main.c > =================================================================== > RCS file: /cvs/src/bin/ksh/main.c,v > retrieving revision 1.75 > diff -u -p -u -r1.75 main.c > --- main.c 14 Dec 2015 13:59:42 -0000 1.75 > +++ main.c 26 Dec 2015 18:31:45 -0000 > @@ -160,6 +160,12 @@ main(int argc, char *argv[]) > perror("pledge"); > exit(1); > } > +#else > + if (pledge("stdio rpath wpath cpath dpath fattr flock getpw proc exec > tty", > + NULL) == -1) { > + perror("pledge"); > + exit(1); > + } > #endif > > On 18:28 Sat 26 Dec , Ricardo Mestre wrote: > > Hi tech@ > > > > Now that dpath annotation in pledge(2) is available then #ifndef MKNOD can > > be > > removed and enforce pledge(2) on all codepaths, is this correct, comments? > > > > Index: main.c > > =================================================================== > > RCS file: /cvs/src/bin/ksh/main.c,v > > retrieving revision 1.75 > > diff -u -p -u -r1.75 main.c > > --- main.c 14 Dec 2015 13:59:42 -0000 1.75 > > +++ main.c 26 Dec 2015 18:23:34 -0000 > > @@ -154,13 +154,11 @@ main(int argc, char *argv[]) > > > > kshname = argv[0]; > > > > -#ifndef MKNOD > > - if (pledge("stdio rpath wpath cpath fattr flock getpw proc exec > > tty", > > + if (pledge("stdio rpath wpath cpath dpath fattr flock getpw proc > > exec tty", > > NULL) == -1) { > > perror("pledge"); > > exit(1); > > } > > -#endif > > > > ainit(&aperm); /* initialize permanent Area */ > >