This is a fairly small self-contained program (no library use beyond
libc) that doesn't change often upstream. It does file io (at various
points through the code) but not network and it doesn't do anything
fancy with ioctls. It often does process untrusted data.
pledge() is often not a good match for software in ports, but this seems
a suitable candidate and doesn't add a maintenance burden.
There are a number of operational modes which I haven't attempted to
follow through. Instead as it's fairly simple software I have looked at
the functions called:
$ nm -s /usr/local/bin/altermime
W _Jv_RegisterClasses
U __errno
U __isthreaded
U __sF
U _csu_finish
U _ctype_
0001fe10 B _end
U _tolower_tab_
U atexit
U exit
U fclose
U feof
U fflush
U fgetc
U fopen
U fprintf
U fputc
U fputs
U fread
U free
U fseek
U ftell
U fwrite
U getpid
U malloc
U memcpy
U memmove
U memset
U realloc
U regcomp
U regexec
U regfree
U remove
U rename
U snprintf
U sprintf
U stat
U strchr
U strcmp
U strcpy
U strdup
U strerror
U strlen
U strncasecmp
U strncmp
U strncpy
U strpbrk
U strrchr
U strstr
U syslog
U ungetc
U unlink
U vsnprintf
stdio and file rwc as expected. syslog is always available with
pledge. string handling isn't a system call. The getpid is a bit silly
but covered by pledge stdio anyway.
OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/altermime/Makefile,v
retrieving revision 1.4
diff -u -p -r1.4 Makefile
--- Makefile 14 Jul 2019 00:39:38 -0000 1.4
+++ Makefile 9 Feb 2021 13:34:54 -0000
@@ -3,7 +3,7 @@
COMMENT= utility for altering mime-encoded mailpacks
DISTNAME= altermime-0.3.10
-REVISION= 0
+REVISION= 1
CATEGORIES= mail
@@ -13,6 +13,7 @@ HOMEPAGE= https://pldaniels.com/altermim
# (see share/doc/altermime/LICENCE)
PERMIT_PACKAGE= Yes
+# uses pledge()
WANTLIB += c
MASTER_SITES= ${HOMEPAGE}
Index: patches/patch-altermime_c
===================================================================
RCS file: patches/patch-altermime_c
diff -N patches/patch-altermime_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-altermime_c 9 Feb 2021 13:34:54 -0000
@@ -0,0 +1,26 @@
+$OpenBSD$
+
+Index: altermime.c
+--- altermime.c.orig
++++ altermime.c
+@@ -11,6 +11,8 @@ Description: Altermime is a program/object which wil
+ #include <stdlib.h>
+ #include <string.h>
+ #include <syslog.h>
++#include <unistd.h>
++#include <errno.h>
+
+ #include "mime_alter.h"
+ #include "logger.h"
+@@ -319,6 +321,11 @@ int main( int argc, char **argv )
+ struct ALTERMIMEAPP_globals glb;
+
+ LOGGER_set_output_mode(_LOGGER_STDOUT);
++
++ if (pledge("stdio rpath wpath cpath", NULL) == -1) {
++ LOGGER_log("Error: pledge: %s\n", strerror(errno));
++ exit(1);
++ }
+
+ ALTERMIMEAPP_init( &glb );
+
