On Sun, Apr 03, 2016 at 06:28:21PM +0200, Sebastien Marie wrote:
> > +
> > + if (pledge("stdio rpath getpw proc wpath cpath
> > inet ioctl sendfd recvfd",
> > + NULL) == -1) {
> > + fatalx("pledge");
> > + }
>
> whoa, still a big list of promises, and some are a bit unexpected for
> me. could you explain the need for them ?
>
> I mean, if "rpath wpath cpath" are expected for a daemon that serve
> files, "ioctl" for example is more questionable. could you explain
> quickly why or where ftpd needs them ?
>
I started to search:
- rpath wpath cpath : file manipulation
- inet : ftp passive (so initiate a socket connection)
- proc : forking for invoking ls
- getpw tty : builtin ls (call ls_main from src/bin/ls)
I would prefer the use of "tty" instead of "ioctl"
for sendfd and recvfd, I am still unsure for now.
--
Sebastien Marie
