n 06/21/17 12:16, Ricardo Mestre wrote:
> Hi,
>
> I can confirm this issue, and the diff below seems to solve it for me.
>
> Could you please test it and let us know if it works on your side?
It does fix the issue. Thanks you.
>
> Reason: In clientloop.c during client_loop() this function calls
> client_simple_escape_filter() which then calls process_escapes() which in turn
> fork()s the process. That being said, the pledge inside client_loop which
> applies to this code path lacks the proc promise and therefore aborts ssh.
>
> Index: clientloop.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v
> retrieving revision 1.299
> diff -u -p -u -r1.299 clientloop.c
> --- clientloop.c 31 May 2017 09:15:42 -0000 1.299
> +++ clientloop.c 21 Jun 2017 10:14:26 -0000
> @@ -1246,7 +1246,7 @@ client_loop(int have_pty, int escape_cha
>
> } else {
> debug("pledge: network");
> - if (pledge("stdio unix inet dns tty", NULL) == -1)
> + if (pledge("stdio unix inet dns proc tty", NULL) == -1)
> fatal("%s pledge(): %s", __func__, strerror(errno));
> }
>
>
