nm(1) was tamed shortly before the "exec" promise was introduced. The
"proc exec" is necessary to cover `nm -C' which fork-exec's c++filt(1).
Right after potential fork-exec, the original pledge "stdio rpath" is
given (one could make that last pledge call in the file conditional on
`issize' so that size only pledges once, but that complication doesn't
seem to be worth it).
Index: usr.bin/nm/nm.c
===================================================================
RCS file: /cvs/src/usr.bin/nm/nm.c,v
retrieving revision 1.49
diff -u -p -r1.49 nm.c
--- usr.bin/nm/nm.c 9 Oct 2015 01:37:08 -0000 1.49
+++ usr.bin/nm/nm.c 13 Nov 2015 13:38:20 -0000
@@ -135,10 +135,16 @@ main(int argc, char *argv[])
const struct option *lopts;
int ch, eval;
+ if (pledge("stdio rpath proc exec", NULL) == -1)
+ err(1, "pledge");
+
optstr = OPTSTRING_NM;
lopts = longopts_nm;
if (!strcmp(__progname, "size")) {
- issize++;
+ if (pledge("stdio rpath", NULL) == -1)
+ err(1, "pledge");
+
+ issize = 1;
optstr = "tw";
lopts = NULL;
}
