=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/passwd/local_passwd.c,v retrieving revision 1.45 retrieving revision 1.46 diff -c -r1.45 -r1.46 *** src/usr.bin/passwd/local_passwd.c 2015/10/25 08:39:26 1.45 --- src/usr.bin/passwd/local_passwd.c 2015/11/26 19:01:47 1.46 *************** *** 1,4 **** ! /* $OpenBSD: local_passwd.c,v 1.45 2015/10/25 08:39:26 ajacoutot Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. --- 1,4 ---- ! /* $OpenBSD: local_passwd.c,v 1.46 2015/11/26 19:01:47 deraadt Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. *************** *** 66,78 **** int pwflags = _PASSWORD_OMITV7; if (!(pw = getpwnam(uname))) { - #ifdef YP - extern int use_yp; - if (!use_yp) - #endif warnx("unknown user %s.", uname); return(1); } if ((opw = pw_dup(pw)) == NULL) { warn(NULL); return(1); --- 66,78 ---- int pwflags = _PASSWORD_OMITV7; if (!(pw = getpwnam(uname))) { warnx("unknown user %s.", uname); return(1); } + + if (pledge("stdio rpath wpath cpath getpw tty id proc exec", NULL) == -1) + err(1, "pledge"); + if ((opw = pw_dup(pw)) == NULL) { warn(NULL); return(1); *************** *** 93,98 **** --- 93,101 ---- /* Get the new password. */ pw->pw_passwd = getnewpasswd(pw, lc, authenticated); + if (pledge("stdio rpath wpath cpath getpw id proc exec", NULL) == -1) + err(1, "pledge"); + /* Reset password change time based on login.conf. */ period = (time_t)login_getcaptime(lc, "passwordtime", (quad_t)0, (quad_t)0); *************** *** 115,120 **** --- 118,126 ---- sigdelset(&fullset, SIGINT); sigprocmask(SIG_BLOCK, &fullset, NULL); + if (pledge("stdio rpath wpath cpath proc exec", NULL) == -1) + err(1, "pledge"); + /* Get a lock on the passwd file and open it. */ pw_init(); for (i = 1; (tfd = pw_lock(0)) == -1; i++) { *************** *** 155,161 **** savequit = signal(SIGQUIT, kbintr); if (!authenticated) { ! 
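Review bot: In the hunk at 66,78 the first `pledge()` is placed after `getpwnam(uname)` and its unknown-user return, so the lookup of the caller-supplied name runs before any restriction this function sets; whether the caller has already pledged is not visible here. The promise string already contains `getpw`, so the call could probably move above the lookup without widening the set. This hunk and the ones at 93,101 and 118,126 narrow the promises step by step, and a one-line comment at each call naming what is dropped would help, e.g. `/* tty is dropped at the next pledge, once getnewpasswd() has read the password */`. The enclosing function starts and ends outside the hunk.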
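Review bot: The `pledge()` added in the hunk at 118,126 sets the promises in force while the passwd lock taken by `pw_lock()` is held, and a pledge violation kills the process instead of returning an error. A later call on this path that needs `getpw`, `id` or `tty` would therefore presumably end the program without the function's normal lock cleanup. A comment at the call would make the constraint visible to the next editor: `/* no getpw/id/tty from here on: the lock is taken below and a violation aborts the process */`. `proc exec` stay in the final set, and the code that needs them lies outside the hunk, so a short note on why they are kept would help as well.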
(void)printf("Changing local password for %s.\n", pw->pw_name); if (uid != 0 && pw->pw_passwd[0] != '\0') { p = getpass("Old password:"); if (p == NULL || *p == '\0') { --- 161,167 ---- savequit = signal(SIGQUIT, kbintr); if (!authenticated) { ! (void)printf("Changing password for %s.\n", pw->pw_name); if (uid != 0 && pw->pw_passwd[0] != '\0') { p = getpass("Old password:"); if (p == NULL || *p == '\0') {