Index: usr.bin/jot/jot.c
===================================================================
--- usr.bin/jot/jot.c
+++ usr.bin/jot/jot.c
@@ -47,8 +47,10 @@
  * Author:  John Kunze, Office of Comp. Affairs, UCB
  */
 
+#include <sys/capsicum.h>
 #include <ctype.h>
 #include <err.h>
+#include <errno.h>
 #include <limits.h>
 #include <stdio.h>
 #include <stdint.h>
@@ -55,6 +57,7 @@
 #include <stdlib.h>
 #include <stdbool.h>
 #include <string.h>
+#include <termios.h>
 #include <time.h>
 #include <unistd.h>
 
@@ -89,6 +92,7 @@
 int
 main(int argc, char **argv)
 {
+	cap_rights_t rights;
 	bool	have_format = false;
 	bool	infinity = false;
 	bool	nofinalnl = false;
@@ -104,7 +108,20 @@
 	double	x, y;
 	long	i;
 	long	reps = REPS_DEF;
+	unsigned long cmd;
 
+	fclose(stdin);
+	cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT, CAP_IOCTL);
+	if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS)
+		err(1, "unable to limit rights for stdout");
+	cmd = TIOCGETA;
+	if (cap_ioctls_limit(STDOUT_FILENO, &cmd, 1) < 0 && errno != ENOSYS)
+		err(1, "unable to limit ioctls for stdout");
+	cap_rights_init(&rights, CAP_WRITE);
+	if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS)
+		err(1, "unable to limit rights for stderr");
+	if (cap_enter() < 0 && errno != ENOSYS)
+		err(1, "unable to enter capability mode");
 	while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1)
 		switch (ch) {
 		case 'b':