Age | Commit message | Author
2015-10-03 | Restore description of the sparc64 boot process which was lost when | Stefan Sperling
2015-10-03 | - Simplify use of ctype functions. | Tim van der Molen
2015-10-03 | unifdef some features we will always have. ok benno zhuk | Ted Unangst
2015-10-03 | tame "stdio" right between setlocale and getopt, it is easy to review | Theo de Raadt
2015-10-03 | IPv6 transport for pflow data. | Florian Obser
2015-10-03 | Properly indent usage() output. | Antoine Jacoutot
2015-10-03 | missing asr* -> _asr* symbol rename for building with debug code | Eric Faurot
2015-10-03 | If we care about placing core files from SUID programs in a safe place, | Vadim Zhukov
2015-10-03 | Fix wrong cast. | Vadim Zhukov
2015-10-03 | When multiple vxlan interfaces are configured with same VNI, select the | YASUOKA Masahiko
2015-10-03 | SSL_new(): fix ref counting and memory leak in error path. | Doug Hogan
2015-10-03 | grep only opens files read-only, reads via stdio or other methods, performs | Theo de Raadt
2015-10-03 | tame "stdio getpw rpath" can be done quite early after the getopt. | Theo de Raadt
2015-10-03 | leave does a fork, but other than that it is boring stdio. | Theo de Raadt
2015-10-03 | the chmod & chflags codepaths can use tame "stdio rpath fattr". the | Theo de Raadt
2015-10-03 | gzip can use tame "stdio wpath cpath fattr". this blocks a lot of | Theo de Raadt
2015-10-03 | BIO_get_fd() could return fd 0; fix error condition. Found at | Theo de Raadt
2015-10-03 | KNF | Theo de Raadt
2015-10-03 | right at startup, this can tame "stdio cpath rpath wpath". after getopt | Theo de Raadt
2015-10-03 | So you'd love me to say sleep() can be tighter than tame "stdio". OK, | Theo de Raadt
2015-10-03 | the ntp dns process only needs tame "dns rw" to operate. at least, | Theo de Raadt
2015-10-03 | In the ntpctl(1) case, after it has connect()'d to ntpd we can tame "stdio" | Theo de Raadt
2015-10-03 | switch from using the systrace-based sandbox to the tame-based sandbox. | Theo de Raadt
2015-10-03 | patch appears to work fully with tame "stdio rpath wpath cpath tmppath fattr". | Theo de Raadt
2015-10-03 | arp uses a non-privileged sockraw to look at the kernel arp tables. | Theo de Raadt
2015-10-03 | like ping, traceroute is a setuid root priv-drop which holds a sockraw. | Theo de Raadt
2015-10-03 | uniq has a complicated initialization around getopt. beforehand, we | Theo de Raadt
2015-10-03 | script is two processes. the main io-loop process can be locked down with | Theo de Raadt
2015-10-03 | finger can either do local users only, or in in remote users. (who | Theo de Raadt
2015-10-03 | whois uses dns to lookup whois servers, and then opens sockets to them. | Theo de Raadt
2015-10-03 | even before it reaches getopt(), this program will never do more than | Theo de Raadt
2015-10-03 | acpidump is used as root and opens /dev/mem readonly, to dig out | Theo de Raadt
2015-10-03 | sed only works on files, so the obvious goal is to remove its network | Theo de Raadt
2015-10-03 | ping6 is a setuid root priv-drop which holds a sockraw. we can tame it | Theo de Raadt
2015-10-03 | tcpdump is two-process privsep. | Theo de Raadt
2015-10-03 | ping is a setuid root priv-drop which holds a sockraw. we can tame it | Theo de Raadt
2015-10-02 | Curve25519 is now specified in draft-ietf-ipsecme-safecurves-00 (along | Reyk Floeter
2015-10-02 | make a && && & block more readable. no binary change. | Theo de Raadt
2015-10-02 | I see no evidence that lstat() is being done for /etc/resolv.conf, nor | Theo de Raadt
2015-10-02 | kern_tame.c | Theo de Raadt
2015-10-02 | update the -t args list; ok guenther | Jason McIntyre
2015-10-02 | use limits.h instead of sys/param.h to get PATH_MAX | Theo de Raadt
2015-10-02 | avoid sys/param.h, by using PATH_MAX | Theo de Raadt
2015-10-02 | regen | Mark Kettenis
2015-10-02 | RFC7634 specifies ChaCha20-Poly1305 for IKEv2 and IPsec and IANA | Reyk Floeter
2015-10-02 | Revert previous commit; something is not quite right yet in the bowels of uvm | Mark Kettenis
2015-10-02 | Remove MD5 from the default proposals. At least SHA1 seems to be the | Reyk Floeter
2015-10-02 | If the policy certreqtype is 0, use the global one instead. | Reyk Floeter
2015-10-02 | fix email | Theo de Raadt
2015-10-02 | missing ) in COMPAT_LINUX block | Theo de Raadt