summaryrefslogtreecommitdiff
path: root/bin/systrace/policy.c
AgeCommit message (Collapse)Author
2003-07-19- sync with NetBSD or Niels' tarball where appropriateNikolay Sturm
- keeps local changes - fixes a bug in profile feedback optimization and avoids symbol conflicts with errno - new feature: "ask" action itojun@ ok
2003-06-19remove unused code which allocated useless memory (which was not freed)Peter Valchev
ok provos itojun
2003-06-16- limited number of processes per systraceJun-ichiro itojun Hagino
- escape fixes for special characters markus, sturm ok. from provos
2003-06-02prevents systrace from referencing freed memory; provosJun-ichiro itojun Hagino
2003-04-17use asprintf; fix (remove) some incorrectly sized buffers in the processPeter Valchev
help & ok millert, miod, deraadt, tedu
2003-02-18intial -> initial;Jason McIntyre
the great intial witch hunt, as prompted by tdeval@ os-aix-dso.c: ok henning@ ab.C: ok drahn@
2002-12-09better parsing of # comments. from provosJun-ichiro itojun Hagino
2002-12-09prevent the use of permit for aliases. from provosJun-ichiro itojun Hagino
2002-10-09predicates are part of the grammar now; in non-root case, predicates areJun-ichiro itojun Hagino
evaluated only once; in root case, predicates and variable expansion are dynamic. from provos
2002-09-23support for templates. they allow fast generation of new policies. anJun-ichiro itojun Hagino
appropriate template can be inserted during initial policy generation. from provos
2002-09-17split white space and single line policy processing into separateJun-ichiro itojun Hagino
functions. from provos
2002-09-16periodically save policies that have been modified. from provosJun-ichiro itojun Hagino
>here is a diff that will cause systrace to periodically save policies >that have been modified. Useful if you run systrace on an xterm and >kill it accidently. Or other applications like opera that are long >running and can cause weird crashes.
2002-09-06standalone ; at top scope is illegal in ansi cTheo de Raadt
2002-08-30allow # in system call name. remove trailing white space.Jun-ichiro itojun Hagino
from provos
2002-08-07typoVincent Labrecque
ok provos@
2002-08-05allow to specify an alternate directory for policy loading and writingNiels Provos
2002-07-19constify, have missing prototypes, use pedantic compilation options.Jun-ichiro itojun Hagino
niels ok
2002-07-07missing error checks on strdup. from cloder@acm.orgNiels Provos
2002-06-22gid is u_intTheo de Raadt
2002-06-19more careful buffer handling; pointed out by deraadt@Niels Provos
2002-06-11change a few buffers to 2*MAXPATHLEN; pob deraadt@Niels Provos
2002-06-09allow numeric group ID (group ID appear in /etc/passwd, but not in /etc/group)Jun-ichiro itojun Hagino
niels ok
2002-06-05append predicate, instead of prepending. makes rules sortable again.Niels Provos
pointed out by dugsong@
2002-06-05support simple predicates to prefix rules. Allows global policies to beNiels Provos
different for different users.
2002-06-04setup user systrace dir only if user policies are used.Niels Provos
2002-06-04add flag to ignore user specified policiesNiels Provos
2002-06-04KNFTheo de Raadt
2002-06-04__FUNCTION__ -> __func__ from espie@Niels Provos
2002-06-04initial import of systrace. don't touch this, more stuff coming in a whileNiels Provos