On 2018/02/23 09:45, Klemens Nanni wrote:
> > > -+ if (pledge("stdio rpath proc exec", NULL) == -1)
> > > -+ err(1, "pledge");
> > > ++
> > > ++ /* allow prot_exec if icons are used */
> > > ++ if (settings.icon_position != icons_off) {
> > > ++ if (pledge("stdio rpath proc exec prot_exec", NULL) ==
> > > -1)
> > > ++ err(1, "pledge");
> > > ++ } else {
> > > ++ if (pledge("stdio rpath proc exec", NULL) == -1)
> > > ++ err(1, "pledge");
> > > ++ }
Generally OK with the update but regarding the pledge change:
Honestly I'd keep it simple. It's not like there's a super-tight pledge
already - it has unrestricted exec. Rather than adding a conditional to
the pledge I think you might as well just have the single check and add
prot_exec to the pledge. CC'ing tb@ for a second opinion though :)
I'd probably commit as 2-part so the commit history is clear. 1, fix
pledge in the existing port (since the problem is not new), 2, do the
update.
