Perhaps... I will warn you that the "running YP" case can be really surprising for "getpw", since it opens up partial "inet" holes. By that I mean YP support can get subtly broken completely accidentally.
I do intend to circle back one day and change the underlying YP mechanism (in a similar way to sendsyslog and isatty) such that swaths of "inet" support aren't exported in this circumstance; it remains tricky and perhaps needs a new system call...

Ricardo Mestre <[email protected]> wrote:
> Hi,
>
> After pledge(2) is called there are no getpw* associated functions that get
> called so we can drop the promise.
>
> Although we manipulate files associated with getpw all the remaining code is
> kept happy with "rpath wpath cpath fattr flock", this has been tested directly
> and also via vipw(8).
>
> OK?
>
> Index: pwd_mkdb.c > =================================================================== > RCS file: /cvs/src/usr.sbin/pwd_mkdb/pwd_mkdb.c,v > retrieving revision 1.53 > diff -u -p -u -r1.53 pwd_mkdb.c > --- pwd_mkdb.c 5 Nov 2015 15:10:11 -0000 1.53 > +++ pwd_mkdb.c 23 Aug 2018 09:29:24 -0000 > @@ -233,7 +233,7 @@ main(int argc, char **argv) > warn("%s: unable to make group readable", _PATH_SMP_DB); > clean |= FILE_SECURE; > > - if (pledge("stdio rpath wpath cpath getpw fattr flock", NULL) == -1) > + if (pledge("stdio rpath wpath cpath fattr flock", NULL) == -1) > err(1, "pledge"); > > /* Open the temporary insecure password database. */ >
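
Review bot: the pledge() change in main() at -233/+233 drops "getpw" on the strength of testing "directly and also via vipw(8)", but the submission does not say whether a YP-enabled system was among the tested configurations, and that is the case the reply singles out as surprising. Suggest stating in the commit message which configurations were exercised and confirming that no getpw*-family call is reachable after this point when YP is running. A one-line comment above the pledge() call noting that all passwd lookups complete before it would help keep a later change from reintroducing one.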
