From 94c9645820d9de982d523cf694ba7ed49ed2021d Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Mon, 3 Feb 2020 20:42:19 -0700
Subject: [PATCH] use pledge \o/

---
 main.go            | 4 ++++
 protect_openbsd.go | 3 +--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/main.go b/main.go
index 7adc1d6..9731070 100644
--- a/main.go
+++ b/main.go
@@ -44,6 +44,7 @@ func main() {
 
 	flag.Parse()
 
+	pledge("stdio unveil rpath wpath cpath flock dns inet tty")
 	unveil("/etc/resolv.conf", "r")
 	unveil("/etc/ssl/cert.pem", "r")
 	unveil(db, "rwc")
@@ -89,6 +90,9 @@ func main() {
 			log.Fatalln(err)
 		}
 
+		// No longer need tty now that we have our info
+		pledge("stdio unveil rpath wpath cpath flock dns inet")
+
 		store.set("account", "username", username)
 		store.set("account", "access_token", resp.AccessToken)
 		store.set("account", "user_id", resp.UserID)
diff --git a/protect_openbsd.go b/protect_openbsd.go
index 405982d..8f94ae0 100644
--- a/protect_openbsd.go
+++ b/protect_openbsd.go
@@ -14,7 +14,6 @@ func unveilBlock() {
 	unix.UnveilBlock()
 }
 
-func plegde(promises string) {
+func pledge(promises string) {
 	unix.PledgePromises(promises)
-
 }