From: Florian Obser <florian@openbsd.org>
Subject: rpcinfo(8): add pledge & unveil.
To: tech <tech@openbsd.org>
Date: Sun, 11 Aug 2024 14:04:53 +0200

Not an rpcinfo(8) user, but I think I tested all code paths.

The rpc library needs read access to the rpc database in
/etc/rpc. Other than that rpcinfo(8) only uses AF_INET sockets.

With -b, rpcinfo(8) uses gethostbyaddr(3) to report hosts that responded
so add "dns" pledge as well.

I couldn't really test -b though, nothing answered, maybe that's normal
in this day and age?

Tests, OKs?

diff --git rpcinfo.c rpcinfo.c
index 91d99144c2c..489f45716fa 100644
--- rpcinfo.c
+++ rpcinfo.c
@@ -50,6 +50,7 @@
 #include <errno.h>
 #include <limits.h>
 #include <arpa/inet.h>
+#include <err.h>
 
 #define MAXHOSTLEN 256
 
@@ -94,6 +95,15 @@ main(int argc, char *argv[])
 	function = NONE;
 	portnum = 0;
 	errflg = 0;
+
+	if (unveil("/etc/rpc", "r") == -1)
+		err(1, "unveil /");
+	if (unveil(NULL, NULL) == -1)
+		err(1, "unveil");
+
+	if (pledge("stdio inet dns rpath", NULL) == -1)
+		err(1, "pledge");
+
 	while ((c = getopt(argc, argv, "ptubdsn:")) != -1) {
 		switch (c) {
 

-- 
In my defence, I have been left unsupervised.