> Before, from the tame patch in snapshots:
>
> $ dc /dev/null
> Killed
> $
>
> After the below patch:
>
> $ dc /dev/null
> $
>
> Found via the regress tests.
I don't know why you added "proc". I don't see a need for it. Do
you have a seperate test cases that prompts this?
So we can do better than your diff. Enable "rpath" at the start,
but drop it later on when it is no longer needed:
Index: dc.c
===================================================================
RCS file: /cvs/src/usr.bin/dc/dc.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 dc.c
--- dc.c 26 Nov 2014 18:34:51 -0000 1.13
+++ dc.c 3 Oct 2015 15:15:11 -0000
@@ -47,6 +47,8 @@ main(int argc, char *argv[])
char *buf, *p;
struct stat st;
+ if (tame("stdio rpath", NULL) == -1)
+ err(1, "tame");
if ((buf = strdup("")) == NULL)
err(1, NULL);
@@ -89,6 +91,8 @@ main(int argc, char *argv[])
file = fopen(argv[0], "r");
if (file == NULL)
err(1, "cannot open file %s", argv[0]);
+ if (tame("stdio", NULL) == -1)
+ err(1, "tame");
if (fstat(fileno(file), &st) == -1)
err(1, "%s", argv[0]);
if (S_ISDIR(st.st_mode))
@@ -103,6 +107,8 @@ main(int argc, char *argv[])
*/
return (0);
}
+ if (tame("stdio", NULL) == -1)
+ err(1, "tame");
src_setstream(&src, stdin);
reset_bmachine(&src);
eval();
