Please disregard this for now, -m (extended permissions) won't work this way
Thanks for the tip tb@
On 18:33 Sat 26 Dec , Ricardo Mestre wrote:
> Or even better keep the #ifndef since mknod(8) already has dpath annotation:
>
> Index: main.c
> ===================================================================
> RCS file: /cvs/src/bin/ksh/main.c,v
> retrieving revision 1.75
> diff -u -p -u -r1.75 main.c
> --- main.c 14 Dec 2015 13:59:42 -0000 1.75
> +++ main.c 26 Dec 2015 18:31:45 -0000
> @@ -160,6 +160,12 @@ main(int argc, char *argv[])
> perror("pledge");
> exit(1);
> }
> +#else
> + if (pledge("stdio rpath wpath cpath dpath fattr flock getpw proc exec
> tty",
> + NULL) == -1) {
> + perror("pledge");
> + exit(1);
> + }
> #endif
>
> On 18:28 Sat 26 Dec , Ricardo Mestre wrote:
> > Hi tech@
> >
> > Now that dpath annotation in pledge(2) is available then #ifndef MKNOD can
> > be
> > removed and enforce pledge(2) on all codepaths, is this correct, comments?
> >
> > Index: main.c
> > ===================================================================
> > RCS file: /cvs/src/bin/ksh/main.c,v
> > retrieving revision 1.75
> > diff -u -p -u -r1.75 main.c
> > --- main.c 14 Dec 2015 13:59:42 -0000 1.75
> > +++ main.c 26 Dec 2015 18:23:34 -0000
> > @@ -154,13 +154,11 @@ main(int argc, char *argv[])
> >
> > kshname = argv[0];
> >
> > -#ifndef MKNOD
> > - if (pledge("stdio rpath wpath cpath fattr flock getpw proc exec
> > tty",
> > + if (pledge("stdio rpath wpath cpath dpath fattr flock getpw proc
> > exec tty",
> > NULL) == -1) {
> > perror("pledge");
> > exit(1);
> > }
> > -#endif
> >
> > ainit(&aperm); /* initialize permanent Area */
> >
