Hi ports@,
This diff adds support for pledge() to the current Lynx version.
Needs 'cpath', 'rpath', 'wpath' for reading/saving configuration and
bookmarks, and to save downloaded files.
Needs 'proc' and 'exec' for mailing printed files and spawning shell.
The other promises are obvious.
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/lynx/Makefile,v
retrieving revision 1.22
diff -u -p -u -p -r1.22 Makefile
--- Makefile 14 Jan 2016 10:45:07 -0000 1.22
+++ Makefile 28 Jan 2016 22:32:56 -0000
@@ -5,7 +5,7 @@ PL = 8
COMMENT = text web browser
DISTNAME = lynx${V}dev.${PL}
PKGNAME = lynx-${V}pl${PL}
-REVISION = 1
+REVISION = 2
EXTRACT_SUFX = .tar.bz2
CATEGORIES = www net
@@ -16,6 +16,7 @@ MAINTAINER = Frederic Cambus <fred@statd
# GPLv2 only
PERMIT_PACKAGE_CDROM = Yes
+# uses pledge()
WANTLIB += c crypto ncurses ssl z
MASTER_SITES = http://invisible-mirror.net/archives/lynx/tarballs/
Index: patches/patch-src_LYMain_c
===================================================================
RCS file: patches/patch-src_LYMain_c
diff -N patches/patch-src_LYMain_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_LYMain_c 28 Jan 2016 22:32:56 -0000
@@ -0,0 +1,14 @@
+$OpenBSD$
+--- src/LYMain.c.orig Thu Jan 28 17:57:15 2016
++++ src/LYMain.c Wed Jan 20 21:14:26 2016
+@@ -1024,6 +1024,10 @@ int main(int argc,
+ WSADATA WSAData;
+ #endif /* _WINDOWS */
+
++ if (pledge("stdio tty cpath rpath wpath dns inet proc exec", NULL) == -1)
{
++ err(EXIT_FAILURE, "pledge");
++ }
++
+ /*
+ * Just in case someone has the idea to install lynx set-uid, let's try
+ * to discourage it.
