Ping?

On 27/10/2015 12:33, Ricardo Mestre wrote:
Hi!

I have been running this on my "production" server, for a few days now, without any apparent issues (I also tested manual interactions adding/removing SPAMTRAP and TRAPPED entries).

Any comments? :)

Best regards,
Ricardo Mestre

On 24/10/2015 21:37, Ricardo Mestre wrote:
Hi tech@,

spamdb(8) can pledge(2) for "stdio rpath wpath flock" and "flock" permission can be dropped after "/var/db/spamd" is opened with dbopen(3).

Index: spamdb.c
===================================================================
RCS file: /cvs/src/usr.sbin/spamdb/spamdb.c,v
retrieving revision 1.29
diff -u -p -u -r1.29 spamdb.c
--- spamdb.c    24 Nov 2013 01:06:19 -0000      1.29
+++ spamdb.c    24 Oct 2015 20:23:24 -0000
@@ -276,6 +276,9 @@ main(int argc, char **argv)
        HASHINFO        hashinfo;
        DB              *db;

+       if (pledge("stdio rpath wpath flock", NULL) == -1)
+               err(1, "pledge");
+
        while ((ch = getopt(argc, argv, "adtT")) != -1) {
                switch (ch) {
                case 'a':
@@ -307,6 +310,9 @@ main(int argc, char **argv)
                err(1, "cannot open %s for %s", PATH_SPAMD_DB,
                    action ? "writing" : "reading");
        }
+
+       if (pledge("stdio rpath wpath", NULL) == -1)
+               err(1, "pledge");

        switch (action) {
        case 0:

Best regards,
Ricardo Mestre


Reply via email to