stty(1) can't be pledged for all modes, but it can be unveiled. the only file to
be opened is on stty -f `file', so call unveil(2) afterwards to restrict all fs
access. tested with all arguments through ktrace/kdump.
ok?
Index: stty.c
===================================================================
RCS file: /cvs/src/bin/stty/stty.c,v
retrieving revision 1.21
diff -u -p -u -r1.21 stty.c
--- stty.c 28 Jun 2019 13:35:00 -0000 1.21
+++ stty.c 23 Oct 2021 15:52:46 -0000
@@ -82,6 +82,11 @@ main(int argc, char *argv[])
args: argc -= optind;
argv += optind;
+ if (unveil("/", "") == -1)
+ err(1, "unveil /");
+ if (unveil(NULL, NULL) == -1)
+ err(1, "unveil");
+
if (ioctl(i.fd, TIOCGETD, &i.ldisc) == -1)
err(1, "TIOCGETD");
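Review bot: the two unveil(2) calls added after `argv += optind;` have no comment explaining why they sit at this point in main(). The reason is given only in the mail: the `-f` file is the only path stty opens, and it must already be open before filesystem access is dropped. A short comment above `unveil("/", "")`, for example /* -f file is already open; drop all filesystem access */, would stop a later reordering of the option handling from silently breaking `-f`. Also confirm that every path reaching the `args:` label has finished opening the `-f` file, since any open after these calls will fail.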