| Age | Commit message | Author |
| --- | --- | --- |
| 2015-10-16 | Disable !-command to escape to a shell. You are supposed to play, press ^Z, or open up another terminal if there is something else to do. ok deraadt | Tobias Stoeckmann |
| 2015-10-16 | Add native support for ed-style diffs. No need to pledge "proc exec" anymore. ok deraadt | Tobias Stoeckmann |
| 2015-10-16 | doug and I think the kernel has enough features to support pledge "stdio rpath wpath cpath getpw proc exec tty" now. It will be hard to drop many of those features unless cu becomes privsep for the "upload" commands. | Theo de Raadt |
| 2015-10-16 | FIOSETOWN/FIOGETOWN were added to "ioctl", but study finds no programs currently needing them. delete 'em for now. ok doug | Theo de Raadt |
| 2015-10-16 | Add TIOCCBRK and TIOCSDTR to the whitelist for pledge ioctl. cu(1) uses these. ok deraadt@ | Doug Hogan |
| 2015-10-16 | Pledge support for the parent/resolver in identd(8). This limits the resolver to just "stdio getpw" or "stdio getpw rpath" depending on whether ~/.noident files are checked. The child/listener cannot use pledge yet because it calls a sysctl that hasn't been whitelisted. "commit" deraadt@ | Doug Hogan |
| 2015-10-16 | Pledge for ftp(1) in non-interactive mode. We will iterate and remove some of the pledges in the future. This is conservative for now. Tested by sthen@ and myself. ok deraadt@ | Doug Hogan |
| 1995-10-18 | initial import of NetBSD tree | Theo de Raadt |
| 2015-10-16 | Remove -B from EXAMPLES; reminded by jmc@ | Miod Vallat |
| 2015-10-16 | Add allocarray(), an overflow-safe allocation function. We avoided reallocation support because it demands more fancy footwork to deal with the prepended link struct. This has been on my mind for a while, and a 2010 security review of mksh by the Android security team's Chris Palmer suggested it. ok nicm@. Also discussed with millert@ and tedu@. | mmcc |
| 2015-10-16 | sync | Theo de Raadt |
| 2015-10-16 | fine tune the logging some more | Ted Unangst |
| 2015-10-16 | simplify logging functions. once a daemon, always a daemon | Ted Unangst |
| 2015-10-16 | safety check that we're dealing with the filter we expect | Ted Unangst |
| 2015-10-16 | most things should be static | Ted Unangst |
| 2015-10-16 | exit(1) is better for the impossible condition | Ted Unangst |
| 2015-10-15 | fix some signed/unsigned integer type mismatches in format strings; reported by Nicholas Lemonias | Damien Miller |
| 2015-10-15 | Do not abuse .Nm for emphasis; patch from Michael Reed <m dot reed at mykolab dot com>. Also drop .Tn while here. | Ingo Schwarze |
| 2015-10-15 | Delete two preprocessor constants that are no longer used. Patch from Michael Reed <m dot reed at mykolab dot com>. | Ingo Schwarze |
| 2015-10-15 | argument to sshkey_from_private() and sshkey_demote() can't be NULL | Damien Miller |
| 2015-10-15 | After spawning, the parent can pledge "stdio rpath wpath cpath" from rob pierce | Theo de Raadt |
| 2015-10-15 | Remove three distracting aliases for NULL. ok nicm@ | mmcc |
| 2015-10-15 | Simplify the part of args() that is handling .Bl -column phrases: Delete manual "Ta" handling because macro handling should not be done in an argument parser but should be left to the macro parsers, which exist anyway and work well. No functional change, minus 40 lines of code. Confusing and redundant code found while investigating an old bug report from tim@. | Ingo Schwarze |
| 2015-10-15 | When blk_full() handles an .It line in .Bl -column and indirectly calls phrase_ta() to handle a .Ta child macro, advance the body pointer accordingly, such that a subsequent tab character rewinds the right body block and doesn't fail an assertion. That happened when there was nothing between the .Ta and the tab character. Bug reported by tim@ some time ago. | Ingo Schwarze |
| 2015-10-15 | it is perhaps better style to not call close() on -1, even if harmless | Ted Unangst |
| 2015-10-15 | make sure req is zeroed in tcp case | Ted Unangst |
| 2015-10-15 | better memory handling of the request/cache chain | Ted Unangst |
| 2015-10-15 | do not insert entry into cache until it's fully formed | Ted Unangst |
| 2015-10-15 | doh, not all requests are the same size. check len first. | Ted Unangst |
| 2015-10-15 | assert is the wrong tool | Ted Unangst |
| 2015-10-15 | the inet sockets don't work well with inet6 addrs. pick family from addr. detected by naddy | Ted Unangst |
| 2015-10-15 | everybody can build rebound | Ted Unangst |
| 2015-10-15 | no mail for _rebound. deraadt | Ted Unangst |
| 2015-10-15 | introduce logerr, since most logging is followed by exit | Ted Unangst |
| 2015-10-15 | don't allow NSD to pick up libevent from /usr/local if the libevent2 package is installed. | Stuart Henderson |
| 2015-10-15 | now with _rebound user, we can try a little harder at privdrop | Ted Unangst |
| 2015-10-15 | _rebound user and group (52) | Ted Unangst |
| 2015-10-15 | make the HUP interlocking in the parent work better. | Ted Unangst |
| 2015-10-15 | trivial KNF | Theo de Raadt |
| 2015-10-15 | In syslogd replace the dprintf() macro with a logdebug() function as dprintf(3) is in libc now and does something different. OK guenther@ | Alexander Bluhm |
| 2015-10-15 | Pledge login_token with "stdio rpath wpath cpath fattr getpw tty". OK deraadt@ | Alexander Bluhm |
| 2015-10-15 | just a space in usage, from deraadt | Ted Unangst |
| 2015-10-15 | Remove an unused included header (sys/stat.h). | mmcc |
| 2015-10-15 | add a hint about the config file, until it changes | Ted Unangst |
| 2015-10-15 | child can be pledged down a bit to just sockets and io | Ted Unangst |
| 2015-10-15 | When using a pf rule with both nat-to and rdr-to, it could happen that the nated source port was reused as destination port. Do not initialize nport at the beginning of the function, but where it is needed. OK sashan@ | Alexander Bluhm |
| 2015-10-15 | import rebound, a lightweight dns proxy, for further polishing | Ted Unangst |
| 2015-10-15 | Introduce an unsigned char variable for the ctype function calls. ok millert@ | mmcc |
| 2015-10-15 | Don't Xr flock, since that is not the locking method used. ok millert | Theo de Raadt |
| 2015-10-15 | Remove disklabel -B (NUMBOOT) support. All the platforms which used to need it are now using MI installboot for that purpose. ok krw@ deraadt@ | Miod Vallat |