| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-11-17 | pledge() esposes a design issue in bgpd that will take a moment to | Sebastian Benoit | |
| get right, so disable the pledge() call in bgpd (parent process) for now. ok deraadt@ | |||
| 2015-11-17 | change passwd caches to be 4-way "associative". still primitive, but a | Ted Unangst | |
| little better than winner take all caching. | |||
| 2015-11-17 | note that -chs and -l are mutually exclusive; | Jason McIntyre | |
| from jan stary | |||
| 2015-11-17 | Pledge for getconf(1). ok deraadt@ benno@ | Jeremie Courreges-Anglas | |
| kern_pledge.c necessary additions committed earlier by deraadt@ | |||
| 2015-11-17 | direct copy of cp and rm code into mv, so it can avoid fork+exec. | Ted Unangst | |
| some or even most of the code can still be streamlined more. ok deraadt | |||
| 2015-11-17 | Missing "getpw" pledges, these were unnoticed because nobody expects | Theo de Raadt | |
| a user_from_uid(3) call... | |||
| 2015-11-17 | pledge "stdio rpath wpath cpath getpw flock". | Theo de Raadt | |
| "getpw" for user_from_uid, spotted by benno | |||
| 2015-11-17 | no more pac; | Jason McIntyre | |
| 2015-11-17 | don't call AUDIO_SETFD ioctl as it's a no-op | Alexandre Ratchov | |
| 2015-11-17 | sync | Theo de Raadt | |
| 2015-11-17 | Normalize Makefile format, and remove bad advice #BINMODE=2555 | Theo de Raadt | |
| 2015-11-17 | fix memory leak; from David CARLIER | Theo de Raadt | |
| 2015-11-17 | delete setgid kmem (comments) from a different era | Theo de Raadt | |
| 2015-11-17 | remove setgid flag. | Ted Unangst | |
| in turn, move score files into user's home directory. will let theo buehler continue with a smaller pledge set. | |||
| 2015-11-17 | off to the bitbucket in the sky | Theo de Raadt | |
| 2015-11-17 | backout removal of SYS_break from stdio, suggested by deraadt@ | Stuart Henderson | |
| ports using base gcc with PCH include: boost, keepassx, wxWidgets, jdk | |||
| 2015-11-17 | pledge "stdio rpath inet dns" at the head, then after RPC is connected | Theo de Raadt | |
| "stdio rpath" | |||
| 2015-11-17 | pledge() in newsyslog. | Sebastian Benoit | |
| go deraadt@ | |||
| 2015-11-17 | sync | Visa Hankala | |
| 2015-11-17 | Add a manual page for cnmac. | Visa Hankala | |
| ok deraadt@, mpi@, jmc@ | |||
| 2015-11-17 | Clear if_timer when shutting down the interface so the watchdog timer | Jonathan Matthew | |
| doesn't fire a few seconds later. problem reported by Hrvoje Popovski, ok dlg@ | |||
| 2015-11-17 | Sensors marked as invalid should be excluded by snmpd(8) from the sensors | Gerhard Roth | |
| MIB just as sysctl(8) excludes them from the 'hw.sensors' tree. OK mikeb@, stehn@ | |||
| 2015-11-17 | Pledge cvs(1). | Jeremie Courreges-Anglas | |
| The initial pledge(2) call is broad, we can refine later when we know whether we run in server, pserver client mode or regular client mode. pserver server mode is likely broken, it will either be fixed or removed. With and ok semarie@, "let's proceed." deraadt@ | |||
| 2015-11-17 | Unbreak next-hop caching on multipath setups. | Martin Pieuchot | |
| When multiple gateways are in use, the next-hop entrie might not be on the same interface. This is due to the fact that ARP entries are unique and attached to their cloning interface. Found the hard way by and ok dlg@ | |||
| 2015-11-17 | in the SE, loosing the pipe to the main process can be handled with a | Sebastian Benoit | |
| normal shutdown of sessions and exit. no need for fatal(). ok henning@ phessler@ florian@ happy deraadt@ | |||
| 2015-11-17 | Drop a few NULL-checks before free() | mmcc | |
| 2015-11-17 | Clarify sentence about `quit` in BUGS section. | mmcc | |
| From schwarze@, "yes, please" -jmc@ | |||
| 2015-11-17 | Allow sysctl kern.clockrate, kern.argmax, kern.ngroups, kern.sysvshm, | Theo de Raadt | |
| and kern.posix1version. Enough to satisfy getconf, and I hope we don't need to add much more after this. Largely from jca | |||
| 2015-11-17 | clean headers | Theo de Raadt | |
| 2015-11-17 | shuffle transmit to avoid IFQ_POLL. | David Gwynne | |
| basically make sure there's enough space in the ring before dequeueing a packet for it. ok mpi@ jmatthew@ | |||
| 2015-11-16 | Replace remaining calls to index(3) with strchr(3). OK jca@ krw@ | Todd C. Miller | |
| 2015-11-16 | 0x7f is a valid key. | Nicholas Marriott | |
| 2015-11-16 | Allow fingerprinting from standard input "ssh-keygen -lf -" | Damien Miller | |
| Support fingerprinting multiple plain keys in a file and authorized_keys files too (bz#1319) ok markus@ | |||
| 2015-11-16 | always call privsep_preauth_child() regardless of whether sshd | Damien Miller | |
| was started by root; it does important priming before sandboxing and failing to call it could result in sandbox violations later; ok markus@ | |||
| 2015-11-16 | improve sshkey_read() semantics; only update *cpp when a key | Damien Miller | |
| is successfully read; ok markus@ | |||
| 2015-11-16 | rename link to name to avoid shadowing the function | Ted Unangst | |
| 2015-11-16 | improve logging slightly | Ted Unangst | |
| 2015-11-16 | pledge "stdio rpath wpath cpath tmppath fattr tty flock proc exec" | Theo de Raadt | |
| 2015-11-16 | Allow TIOCEXT in pledge "tty" | Theo de Raadt | |
| Discussed with millert | |||
| 2015-11-16 | the list insertion needs to occur right after we get a valid socket, | Ted Unangst | |
| as that is the hint that the request is on the list. | |||
| 2015-11-16 | Replace unbounded gets() in libsa with getln() which takes a buffer size, | Miod Vallat | |
| and convert all gets() users. ok deraadt@ | |||
| 2015-11-16 | minor tweaks; | Jason McIntyre | |
| 2015-11-16 | Observe that FIOASYNC clearing for stdin is only done in the case where | Theo de Raadt | |
| getty receives the fd from init, so hoist it upwards. Since revoke(2) is now allowed by pledge "rpath tty", the pledges can be hoisted much higher. ok millert semarie tedu guenther | |||
| 2015-11-16 | initially, pledge "stdio rpath wpath cpath getpw tty id proc exec", yes | Theo de Raadt | |
| it sounds like a lot, but this will eventually run the /etc/rc scripts to shutdown, then run reboot or halt. After looking at getpw*, drop pledge "getpw". Later drop to just "stdio exec"... This depends on new pledge semantics for revoke(2). with help from jca ok guenther millert semarie tedu jca | |||
| 2015-11-16 | Permit revoke(2) for a pledge "rpath tty" | Theo de Raadt | |
| ok millert semarie tedu guenther | |||
| 2015-11-16 | Only perform revoke(2) on tty cdevs. Others paths return ENOTTY. | Theo de Raadt | |
| ok millert semarie tedu guenther | |||
| 2015-11-16 | In getdevvp() set the VISTTY flag on a vnode to indicate the underlying | Theo de Raadt | |
| device is a D_TTY device. (Like spec_open, but this sets the flag to satisfy pre-VOP_OPEN situations) ok millert semarie tedu guenther | |||
| 2015-11-16 | pledge calendar: | Pascal Stumpf | |
| * "stdio rpath proc exec" in normal mode (execs cpp) * "stdio rpath tmppath fattr id proc exec" in -a mode, which is typically run as root (hint hint) ok deraadt@ | |||
| 2015-11-16 | pledge for gprof: "stdio rpath wpath cpath" in the beginning, then drop | Pascal Stumpf | |
| wpath and cpath if we don't need to write a gmon.sum file (-s flag). ok deraadt@ | |||
| 2015-11-16 | brk/sbrk's use case is way too narrow to be a default stdio pledge. | Pascal Stumpf | |
| Since this only affects base gcc and the ports most in need of PCHs are compiled with ports compilers anyway, let's see what happens if we break it. discussed with and ok deraadt@ | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |