Hi all,
When using vi(1) with secure mode (-S), both 'proc' and 'exec' are
stripped from the pledge promise. This breaks the :pre[serve] command
as it uses fork(2). This is broken on 6.4, 6.5 and -current.
Re-add the 'proc' promise, even when running in secure mode.
Jesper Wallin
Index: common/main.c
===================================================================
RCS file: /cvs/src/usr.bin/vi/common/main.c,v
retrieving revision 1.41
diff -u -p -r1.41 main.c
--- common/main.c 10 Nov 2017 18:31:36 -0000 1.41
+++ common/main.c 19 Jul 2019 19:32:26 -0000
@@ -220,7 +220,7 @@ editor(GS *gp, int argc, char *argv[])
argv += optind;
if (secure)
- if (pledge("stdio rpath wpath cpath fattr flock getpw tty",
NULL) == -1) {
+ if (pledge("stdio rpath wpath cpath fattr flock getpw tty
proc", NULL) == -1) {
perror("pledge");
goto err;
}
Index: common/options_f.c
===================================================================
RCS file: /cvs/src/usr.bin/vi/common/options_f.c,v
retrieving revision 1.13
diff -u -p -r1.13 options_f.c
--- common/options_f.c 21 May 2019 09:24:58 -0000 1.13
+++ common/options_f.c 19 Jul 2019 19:32:26 -0000
@@ -212,7 +212,7 @@ f_section(SCR *sp, OPTION *op, char *str
int
f_secure(SCR *sp, OPTION *op, char *str, u_long *valp)
{
- if (pledge("stdio rpath wpath cpath fattr flock getpw tty", NULL) ==
-1) {
+ if (pledge("stdio rpath wpath cpath fattr flock getpw tty proc", NULL)
== -1) {
msgq(sp, M_ERR, "pledge failed");
return (1);
}
