> Index: sys/kern/kern_pledge.c
> ===================================================================
> RCS file: /var/cvs/src/sys/kern/kern_pledge.c,v
> retrieving revision 1.4
> diff -u -p -r1.4 kern_pledge.c
> --- sys/kern/kern_pledge.c 9 Oct 2015 05:30:03 -0000 1.4
> +++ sys/kern/kern_pledge.c 10 Oct 2015 06:07:42 -0000
> @@ -567,6 +567,11 @@ pledge_namei(struct proc *p, char *origp
> strcmp(path, "/etc/localtime") == 0)
> return (0);
>
> + /* For {get,set}proto*() */
> + if ((p->p_pledgenote == TMN_RPATH) &&
> + strcmp(path, "/etc/protocols") == 0)
> + return (0);
> +
> /* /usr/share/nls/../libc.cat has to succeed for strerror(3). */
> if ((p->p_pledgenote == TMN_RPATH) &&
> strncmp(path, "/usr/share/nls/",
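Review bot: The new `/etc/protocols` exemption is keyed only on `p->p_pledgenote == TMN_RPATH` and an exact path match, so as far as the visible lines show, any pledged process can open the file read-only regardless of which promises it made. pledge_namei starts and ends outside this hunk, so an outer condition may already narrow this. If none does, the check should also require the promise under which protocol lookups are expected, which keeps the always-allowed path list as short as possible. The comment should also record what reads the file and why the path is exempt, for example `/* getprotoent(3), getprotobyname(3), getprotobynumber(3) read /etc/protocols; read-only, exact path only */`.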
I would only do this if the libc parsers for this are fully re-audited.
Please think carefully about the list of paths that are allowed, and why.
It's a tricky balance.