| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-02-20 | Fix a crash in the systrace found by form@ | Artur Grabowski | |
| One is a kernel fix that changes the lockin and one is a userland fix that prevents dereferencing a freed pointer. From provos deraadt@ ok | |||
| 2002-12-09 | prevent the use of permit for aliases. from provos | Jun-ichiro itojun Hagino | |
| 2002-11-26 | performance improvement by omitting a redundant getcwd. | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-10-16 | support for privilege elevation. | Jun-ichiro itojun Hagino | |
| with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos | |||
| 2002-10-09 | predicates are part of the grammar now; in non-root case, predicates are | Jun-ichiro itojun Hagino | |
| evaluated only once; in root case, predicates and variable expansion are dynamic. from provos | |||
| 2002-08-04 | keep track of ppid and allow matching rules to be logged via syslog. | Niels Provos | |
| 2002-08-01 | the last component in a filename for unlink may be a symlink | Niels Provos | |
| 2002-07-22 | add seqnr to message from kernel, userland needs to quote correct seqnr. | Niels Provos | |
| avoids problems where tsleep has been interrupted by a signal. | |||
| 2002-07-19 | constify, have missing prototypes, use pedantic compilation options. | Jun-ichiro itojun Hagino | |
| niels ok | |||
| 2002-07-16 | internal uid/gid tracking. permit can not detach systrace, useful for | Niels Provos | |
| sshd. | |||
| 2002-07-12 | some clean up. install argument replacements only if we are going to | Niels Provos | |
| permit the system call. translate some set[e]{g,u}id calls | |||
| 2002-07-09 | allow systrace to run in the background if possible so that the executed | Niels Provos | |
| process gets the terminal correctly and exit status reporting works; based on a diff from atatat@atatdot.net from netbsd. | |||
| 2002-07-09 | support for system call aliasing. stat/fstat/readlink/access etc... gets | Niels Provos | |
| grouped into fsread, unlink/rmdir/mkdir goes to fswrite. open switches back between fsread and fswrite depending on oflags parameter. | |||
| 2002-06-21 | rewrite all system call arguments in the permit case. use realpath | Niels Provos | |
| when we still have the root and we of the monitored process. this eliminates almost all race coniditions. | |||
| 2002-06-10 | support attaching to a running process; some code by fries@ | Niels Provos | |
| 2002-06-04 | initial import of systrace. don't touch this, more stuff coming in a while | Niels Provos | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |