ok with 2 comments below

Rob Pierce(r...@2keys.ca) on 2017.08.11 16:35:21 -0400:
> The following diff pledges two of three processes in snmpd: the parent snmpd
> process and the trap handler. We cannot currently pledge snmpe as snmp
> requests
> asking for privileged kernel info are disallowed by pledge.
>
> I have included a commented pledge block in snmpe.c below (which will not be
> committed) which I believe would be possible if we moved the code that
> violates pledge to another unpledged process. If we think that is worthwhile
> I could pursue it further.
>
> In the meantime I am looking for comments and/or ok's for the snmpd.c and
> traphandler.c diffs below.
>
> This passes the newly committed snmpd regression tests.
>
> Regards,
>
> Rob
try to sort the pledge arguments in this order: stdio rpath wpath cpath fattr flock inet unix dns route mcast dns id getpw \ proc recvfd sendfd exec tty > Index: snmpd.c > =================================================================== > RCS file: /cvs/src/usr.sbin/snmpd/snmpd.c,v > retrieving revision 1.36 > diff -u -p -r1.36 snmpd.c > --- snmpd.c 4 Apr 2017 02:37:15 -0000 1.36 > +++ snmpd.c 11 Aug 2017 20:10:50 -0000 > @@ -255,6 +255,9 @@ main(int argc, char *argv[]) > > proc_connect(ps); > > + if (pledge("stdio rpath cpath sendfd dns proc exec id", NULL) == -1) > + fatal("pledge"); > + > event_dispatch(); > > log_debug("%d parent exiting", getpid()); > Index: snmpe.c > =================================================================== > RCS file: /cvs/src/usr.sbin/snmpd/snmpe.c,v > retrieving revision 1.48 > diff -u -p -r1.48 snmpe.c > --- snmpe.c 27 Jul 2017 14:04:16 -0000 1.48 > +++ snmpe.c 11 Aug 2017 20:10:50 -0000 > @@ -105,6 +105,10 @@ snmpe_init(struct privsep *ps, struct pr > snmpe_recvmsg, env); > event_add(&so->s_ev, NULL); > } > +/* > + if (pledge("stdio recvfd inet vminfo route", NULL) == -1) > + fatal("pledge"); > + */ add a XXX not enabled because foobarbaz > } > > void > Index: traphandler.c > =================================================================== > RCS file: /cvs/src/usr.sbin/snmpd/traphandler.c,v > retrieving revision 1.8 > diff -u -p -r1.8 traphandler.c > --- traphandler.c 9 Jan 2017 14:49:22 -0000 1.8 > +++ traphandler.c 11 Aug 2017 20:10:50 -0000 > @@ -96,6 +96,9 @@ traphandler_init(struct privsep *ps, str > struct snmpd *env = ps->ps_env; > struct listen_sock *so; > > + if (pledge("stdio recvfd proc exec id", NULL) == -1) > + fatal("pledge"); > + > if (!env->sc_traphandler) > return; > >
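Review bot: the parent's pledge in main() keeps "id", "proc" and "exec" without a comment saying which code after proc_connect(ps) needs them, and it asks for "cpath" without "wpath", which permits creating files but not writing to them; a short comment above the call naming the operation each promise covers (and dropping any promise nothing needs) would make the promise set reviewable. Placing the call before event_dispatch() is right, since every event callback then runs under the pledge.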
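Review bot: the commented-out pledge in snmpe_init() carries no explanation, so a later reader cannot tell whether it is work in progress or abandoned. Since the cover letter says it will not be committed, either keep it out of the committed diff or replace the block with an XXX comment recording why it is disabled (the cover letter's reason: snmp requests asking for privileged kernel info are disallowed by pledge) and that moving that code to a separate unpledged process is the proposed way forward.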
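Review bot: the trap handler's pledge sits before the "if (!env->sc_traphandler) return;" check, so the process is pledged whether or not a handler is configured, which is the right order; but the promise set "stdio recvfd proc exec id" is not explained in the hunk. "recvfd" pairs with the parent's "sendfd" and "proc exec" presumably cover running the configured handler, while nothing visible in traphandler_init() needs "id", so either justify it in a comment or drop it. The promise ordering convention asked for above applies to this call as well.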