=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/su/su.c,v retrieving revision 1.70 retrieving revision 1.71 diff -c -r1.70 -r1.71 *** src/usr.bin/su/su.c 2015/10/30 19:45:03 1.70 --- src/usr.bin/su/su.c 2018/08/23 16:52:13 1.71 *************** *** 1,4 **** ! /* $OpenBSD: su.c,v 1.70 2015/10/30 19:45:03 miod Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. --- 1,4 ---- ! /* $OpenBSD: su.c,v 1.71 2018/08/23 16:52:13 deraadt Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. *************** *** 73,79 **** uid_t ruid; u_int flags; ! if (pledge("stdio rpath getpw proc exec id", NULL) == -1) err(1, "pledge"); while ((ch = getopt(argc, argv, "a:c:fKLlms:-")) != -1) --- 73,79 ---- uid_t ruid; u_int flags; ! if (pledge("stdio unveil rpath getpw proc exec id", NULL) == -1) err(1, "pledge"); while ((ch = getopt(argc, argv, "a:c:fKLlms:-")) != -1) *************** *** 160,165 **** --- 160,170 ---- } } + if (unveil(_PATH_LOGIN_CONF, "r") == -1) + err(1, "unveil"); + if (unveil(_PATH_AUTHPROGDIR, "x") == -1) + err(1, "unveil"); + for (;;) { /* get target user, default to root unless in -L mode */ if (*argv) { *************** *** 215,221 **** fprintf(stderr, "Login incorrect\n"); } ! if (pledge("stdio rpath getpw exec id", NULL) == -1) err(1, "pledge"); if (!altshell) { --- 220,226 ---- fprintf(stderr, "Login incorrect\n"); } ! 
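Review bot: The read unveil on `_PATH_LOGIN_CONF` may not cover everything the login-class lookup opens: if cgetent(3) also consults a compiled `login.conf.db` next to the text file, that file is now invisible to su and the lookup quietly falls back to the text copy (or fails), so an `unveil(_PATH_LOGIN_CONF ".db", "r")` beside it is worth adding — the .db lookup is inferred from getcap(3), not visible in this hunk. The two new `err(1, "unveil")` calls also print an identical message, so a failure on the login.conf path cannot be told apart from one on the auth program directory; `err(1, "unveil %s", _PATH_LOGIN_CONF)` and `err(1, "unveil %s", _PATH_AUTHPROGDIR)` cost nothing and point straight at the culprit. The enclosing main() begins before this hunk.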
if (pledge("stdio unveil rpath getpw exec id", NULL) == -1) err(1, "pledge"); if (!altshell) { *************** *** 233,238 **** --- 238,248 ---- } } + if (unveil(shell, "x") == -1) + err(1, "unveil"); + if (unveil(pwd->pw_dir, "r") == -1) + err(1, "unveil"); + if ((p = strrchr(shell, '/'))) avshell = p+1; else *************** *** 260,265 **** --- 270,277 ---- if (login_getcapbool(lc, "requirehome", 0)) { auth_err(as, 1, "%s", pwd->pw_dir); } else { + if (unveil("/", "r") == -1) + err(1, "unveil"); printf("No home directory %s!\n", pwd->pw_dir); printf("Logging in with home = \"/\".\n"); if (chdir("/") < 0) *************** *** 285,290 **** --- 297,304 ---- if (setenv("SHELL", shell, 1) == -1) auth_err(as, 1, "unable to set environment"); } + if (pledge("stdio rpath getpw exec id", NULL) == -1) + err(1, "pledge"); np = *argv ? argv : argv - 1; if (iscsh == YES) {
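Review bot: `unveil(pwd->pw_dir, "r")` turns an empty home field into a hard exit: unveil(2) on an empty string most likely fails with ENOENT, and the `err(1, "unveil")` then fires before the `requirehome` / "No home directory" fallback further down ever gets a chance to handle it. If passwd(5) entries with an empty pw_dir are not already rejected earlier in main() (not visible in this hunk), guard the call, `if (*pwd->pw_dir != '\0' && unveil(pwd->pw_dir, "r") == -1)`, so a merely missing home still takes the existing fallback path. As with the other new calls, `err(1, "unveil %s", pwd->pw_dir)` and `err(1, "unveil %s", shell)` would identify which path failed.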
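Review bot: The `unveil("/", "r")` in the no-home fallback needs a comment, because on its own it reads as reopening the whole filesystem after the deliberately narrow unveils above; something like `/* chdir("/") below needs the root visible; this widens the view to the whole tree, but only until the exec */` would record the intent. As I understand unveil(2) the view does not survive execve, so the practical exposure is the few lines between here and the exec; if that assumption is wrong, it is worth checking whether the inspect-only form `unveil("/", "")` is enough for chdir(2) before granting read on everything. The error message would likewise be more useful as `err(1, "unveil /")`.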
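Review bot: The final pledge that drops the `unveil` promise carries no comment explaining that dropping it is what makes the unveil view final for the remainder of the process, which is the whole reason it sits just before the exec; `/* no further unveil(2) calls: dropping the promise locks the view until exec */` above it would make that explicit. Since `unveil(NULL, NULL)` is the other way to lock the view, a reader otherwise has to work out which mechanism is doing the locking here. The exec this protects lies outside the hunk.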