> > + if (pledge("stdio rpath getpw proc wpath cpath
> > inet ioctl sendfd recvfd",
> > + NULL) == -1) {
> > + fatalx("pledge");
> > + }
>
> whoa, still a big list of promises, and some are a bit unexpected for
> me. could you explain the need for them ?
>
> I mean, if "rpath wpath cpath" are expected for a daemon that serve
> files, "ioctl" for example is more questionable. could you explain
> quickly why or where ftpd needs them ?
Pretty sure that "ioctl" promise can be replaced with "tty".
retrieve() -> ftpd_popen() -> ls_main()
/usr/src/bin/ls/ls_main.c:121 contains a call to
"ioctl(STDOUT_FILENO, TIOCGWINSZ, &win)".
I'm a bit worried about this execv() call in popen.c:143 in ftpd_popen()
Are you sure this can't be reached?
Otherwise an "exec" promise would probably also be needed.
