Author :
mestre
Date :
2019-08-06 13:34:36
Hash :0256fee7 Message :By now we are already confident that pledge(2) "just works(tm)" and that it can
be used to effectively remove filesystem access.
That being said, in spamd(8) when I pledge(2)d it the main priv process got
"stdio inet" which means there's no fs access at all so calling
chroot(2)/chdir(2) here doesn't get us any additional protection. Just remove
them.
OK deraadt@ and no objections from schwarze@