From 74661ad4eba34b8ba02fd1b2c27a645b453f3215 Mon Sep 17 00:00:00 2001
From: Stefan Rinkes <stefan.rinkes@gmail.com>
Date: Sun, 17 Apr 2011 11:14:07 +0200
Subject: [PATCH] pf plugin: read permissions are enough for /dev/pf

---
 src/pf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pf.c b/src/pf.c
index 7c677bf6..9d99e3a7 100644
--- a/src/pf.c
+++ b/src/pf.c
@@ -48,7 +48,7 @@ pf_init(void)
 {
 	struct pf_status	status;
 
-	if ((dev = open(PF_SOCKET, O_RDWR)) == -1) {
+	if ((dev = open(PF_SOCKET, O_RDONLY)) == -1) {
 		return (-1);
 	}
 	if (ioctl(dev, DIOCGETSTATUS, &status) == -1) {
@@ -72,7 +72,7 @@ pf_read(void)
 	char		*lnames[] = LCNT_NAMES;
 	char		*names[] = { "searches", "inserts", "removals" };
 
-	if ((dev = open(PF_SOCKET, O_RDWR)) == -1) {
+	if ((dev = open(PF_SOCKET, O_RDONLY)) == -1) {
 		return (-1);
 	}
 	if (ioctl(dev, DIOCGETSTATUS, &status) == -1) {
-- 
2.11.0