On Fri, Nov 20, 2015 at 04:26:08PM -0700, Florian Obser wrote: > CVSROOT: /cvs > Module name: src > Changes by: [email protected] 2015/11/20 16:26:08 > > Modified files: > usr.sbin/bgpd : bgpd.c session.c > > Log message: > bgpd has been naughty. It tries to play with AF_UNIX sockets without > pledging "unix". > Move control_listen up to the main process which already has > pledge("unix"). accept(2) was already allowed. > > (Technically no longer necessary since listen(2) is now allowed, too, > but this moves it to the right place.) > > OK claudio@, deraadt@ >
and OK sthen@ -- I'm not entirely sure you are real.
