Here's an attempt to tighten compress/gzip's pledge:
Due to the use of fts(3), we always require rpath, even for
gzip <in >out.
We only write to stdio and never to any files...
* if we are in cat mode (-c, zcat)
* if we are in test mode (-t)
* if there are no file arguments and there is no -o outfile
Does the logic sound correct? It could use more testing.
Index: main.c
===================================================================
RCS file: /cvs/src/usr.bin/compress/main.c,v
retrieving revision 1.89
diff -u -p -r1.89 main.c
--- main.c 9 Oct 2015 01:37:07 -0000 1.89
+++ main.c 16 Oct 2015 23:05:07 -0000
@@ -332,6 +332,10 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
+ if (cflag || testmode || (!oflag && argc == 0))
+ if (pledge("stdio rpath", NULL) == -1)
+ err(1, "pledge");
+
if (argc == 0) {
argv = calloc(2, sizeof(char *));
if (argv == NULL)
--
Christian "naddy" Weisgerber [email protected]
