commit - 3a96e431f52e0dc30405e20330aa6ac0f04790e3
commit + fe48b8a35b1ce2ff6de2275bc413d8e0e60eaf2f
blob - 8133c3cfd7c7f834365b8c2b88095a93d5442580
blob + 1d3789e902b9ab1f3b7dd6c0ffece44888797b6b
--- vias.c
+++ vias.c
@@ -358,7 +358,7 @@ main(int argc, char **argv)
 	gid_t groups[NGROUPS_MAX + 1];
 	int ngroups;
 	int i, ch;
-	int ofd, tfd;
+	int ofd, tfd, ttyfd;
 	char cwdpath[PATH_MAX];
 	const char *cwd;
 	char *login_style = NULL;
@@ -426,19 +426,19 @@ main(int argc, char **argv)
 	if (!(rule->options & NOPASS))
 		authuser(myname, login_style, rule->options & PERSIST);
 
-	if (pledge("stdio rpath wpath cpath exec proc id", NULL) == -1)
+	if (pledge("stdio rpath wpath cpath exec proc id tty", NULL) == -1)
 		err(1, "pledge");
 
 	if ((setuid(uid)) == -1)
 		err(1, "setuid failed");
 
-	if (pledge("stdio rpath wpath cpath exec proc", NULL) == -1)
+	if (pledge("stdio rpath wpath cpath exec proc tty", NULL) == -1)
 		err(1, "pledge");
 
 	if ((tfd = mkstemp(tmpfile)) == -1)
 		err(1, "mkstemp failed");
 
-	if (pledge("stdio rpath cpath exec proc", NULL) == -1)
+	if (pledge("stdio rpath cpath exec proc tty", NULL) == -1)
 		err(1, "pledge");
 
 	if (!fcpy(tfd, ofd)) {
@@ -451,7 +451,7 @@ main(int argc, char **argv)
 	else
 		cwd = cwdpath;
 
-	if (pledge("stdio cpath exec proc", NULL) == -1)
+	if (pledge("stdio cpath exec proc tty", NULL) == -1)
 		err(1, "pledge");
 
 	syslog(LOG_AUTHPRIV | LOG_INFO, "%s edited %s from %s",
@@ -481,10 +481,13 @@ main(int argc, char **argv)
 		execvp(eargv[0], eargv);
 		err(1, "execvp failed");
 	default:
-		if (pledge("stdio cpath", NULL) == -1)
+		if (pledge("stdio cpath proc tty", NULL) == -1)
 			err(1, "pledge");
 
-		(void) signal(SIGINT, SIG_IGN);
+		(void)setpgid(vipid, 0);
+		ttyfd = open("/dev/tty", O_RDWR);
+		if (ttyfd != -1)
+			(void)tcsetpgrp(ttyfd, vipid);
 		while ((ret = waitpid(vipid, &status, 0)) == -1 &&
 		    errno == EINTR)
 			;