CVSROOT: /cvs Module name: src Changes by: [email protected] 2015/12/23 14:16:17
Modified files:
sbin/mountd : Makefile mountd.c
Log message:
Add privilege separation and pledge().
A privileged (that is, unpledged) child is forked that makes the "unpledgable"
getfh(2) and mount(2) calls. It also takes care of writing /var/db/mountdtab so
that the parent does not have to pledge "cpath wpath".
This, then, allows the parent to pledge "stdio rpath inet dns".
Suggestions and OK deraadt@
