From: Matthew Luckie Subject: Re: [patch] allow IP_RECVIF setsockopt with inet pledge To: tech@openbsd.org Date: Sat, 18 Apr 2026 05:00:55 +1200 On Fri, Apr 17, 2026 at 11:33:16AM +0100, Stuart Henderson wrote: > On 2026/04/16 08:25, Matthew Luckie wrote: > > Hi, > > > > I have written a small program that runs unpriviledged that uses > > IP_RECVIF to obtain the interface a UDP datagram arrives on. I would > > like to be able to pledge("inet stdio") but pledge does not allow > > IP_RECVIF. I think it should be able to -- pledge_sockopt() allows > > the equivalent functionality provided by IPV6_RECVPKTINFO. > > Adding this makes sense to me. While some software using this is able > to do it during init before pledging (e.g. ripd) that doesn't really > make sense for simpler software where this might be wanted, and as you > say, IPV6_RECVPKTINFO is allowed already. The model of setting IP_RECVIF at init before pledging works for my current use case as well. I should have thought more carefully about that. So, I don't need the patch to kern_pledge.c given other concern in this thread. Sorry for the noise (but hopefully the ip.4 patch is still useful)