On Sun, Apr 03, 2016 at 06:51:47PM +0200, Theo Buehler wrote:
> > > + if (pledge("stdio rpath getpw proc wpath cpath
> > > inet ioctl sendfd recvfd",
> > > + NULL) == -1) {
> > > + fatalx("pledge");
> > > + }
> >
> > whoa, still a big list of promises, and some are a bit unexpected for
> > me. could you explain the need for them?
> >
> > I mean, if "rpath wpath cpath" are expected for a daemon that serves
> > files, "ioctl" for example is more questionable. could you explain
> > quickly why or where ftpd needs them?
>
> Pretty sure that "ioctl" promise can be replaced with "tty".
>

Jep, works with "tty".

> retrieve() -> ftpd_popen() -> ls_main()
>
> /usr/src/bin/ls/ls_main.c:121 contains a call to
> "ioctl(STDOUT_FILENO, TIOCGWINSZ, &win)".
>

Ahh, this was the ioctl(2) call I was looking for. I saw the link to
ls_main, but overlooked the ioctl(2) call.

> I'm a bit worried about this execv() call in popen.c:143 in ftpd_popen()
>
> Are you sure this can't be reached?
>
> Otherwise an "exec" promise would probably also be needed.
>
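
Review bot: the promise string passed to pledge() still lists "ioctl", which the thread traces to a single TIOCGWINSZ call on STDOUT_FILENO at ls_main.c:121, so "tty" is the narrower promise to use in that string. The string also has no "exec", yet ftpd_popen() contains an execv() at popen.c:143; confirm that call cannot be reached after this pledge() before leaving "exec" out. A short comment above the call naming the code path that needs each of the less obvious promises (proc, inet, sendfd, recvfd) would make the list easier to review.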