Hi,

After we successfully connect to the unix socket created by apmd(8), all actions
occur over fds, so we can drop only to pledge("stdio").

In the code path where the required action is GETSTATUS and we couldn't
connect to the socket, after open(2)/ioctl(2) on the device directly we can
pledge("stdio") as well, since from here on down we only need to printf(3)
messages.

All modes have been tested with both apmd(8) running and also stopped without
any issues. Bear in mind this only applies to apm(8), not to apmd(8) which
requires further permissions.

Comments? OK?

Index: apm.c
===================================================================
RCS file: /cvs/src/usr.sbin/apm/apm.c,v
retrieving revision 1.33
diff -u -p -u -r1.33 apm.c
--- apm.c       23 Jul 2017 12:51:20 -0000      1.33
+++ apm.c       13 Aug 2018 14:36:17 -0000
@@ -246,7 +246,7 @@ main(int argc, char *argv[])
        fd = open_socket(sockname);
 
        if (fd != -1) {
-               if (pledge("stdio rpath wpath cpath", NULL) == -1)
+               if (pledge("stdio", NULL) == -1)
                        err(1, "pledge");
        }
 
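Review bot: With only "stdio" left inside the `if (fd != -1)` block, any later open(2) on this path would abort the process, so please confirm that the direct `open(_PATH_APM_NORMAL, O_RDONLY)` further down in main() is reachable only when fd == -1. A one-line comment above the pledge stating that every remaining action goes over the already connected socket fd would document why the rpath/wpath/cpath promises can be dropped here.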
@@ -287,8 +287,12 @@ main(int argc, char *argv[])
                        /* open the device directly and get status */
                        fd = open(_PATH_APM_NORMAL, O_RDONLY);
                        if (ioctl(fd, APM_IOC_GETPOWER,
-                           &reply.batterystate) == 0)
+                           &reply.batterystate) == 0) {
+                               if (pledge("stdio", NULL) == -1)
+                                       err(1, "pledge");
+
                                goto printval;
+                       }
                }
                /* FALLTHROUGH */
 balony:
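Review bot: The added pledge("stdio") sits only inside the ioctl success branch, so when APM_IOC_GETPOWER fails the code falls through to `balony:` without this reduction; since the device is already open at that point, consider placing the pledge directly after the ioctl call (storing its return value first) so both outcomes run with "stdio" only. Separately, the fd returned by `open(_PATH_APM_NORMAL, O_RDONLY)` is passed to ioctl without a check for -1; an explicit check would make the failure path clearer than relying on ioctl to fail on a bad descriptor.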
