| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-11-27 | permit trailing '$' in usernames, from Tom Cosgrove | Nikolay Sturm | |
| ok provos@, henning@ | |||
| 2003-11-23 | allow underscore in usernames, from Niels/NetBSD | Nikolay Sturm | |
| ok henning@ | |||
| 2003-11-20 | remove -Werror from userland builds, to give us a chance to | Anil Madhavapeddy | |
| use more verbose warning options if desired. ok millert@, henning@, david@ | |||
| 2003-11-20 | hyphenise compound adjective; from Jared Yanovich; | Jason McIntyre | |
| 2003-10-22 | from NetBSD: | Nikolay Sturm | |
| initialise an integer field with 0 instead of NULL ok provos, itojun, avsm, fgsch | |||
| 2003-10-18 | typos from Jared Yanovich; | Jason McIntyre | |
| 2003-10-08 | originally from cb@openbsd.org, adapted by provos | Nikolay Sturm | |
| itojun@ ok fix a race condition between path resolution in userland and the subsequent namei(): inform the kernel portion of valid filenames and then disallow symlink lookups for those filenames by means of a hook in namei(). with suggestions from provos@ also, add (currently unused) seqnr field to struct systrace_replace, from provos@ | |||
| 2003-09-04 | - use .Bk/.Ek | Jason McIntyre | |
| - kill bogus -offsets - escape `-' - .Ev for environment variables | |||
| 2003-08-23 | teach systrace about "aout" emul; henning@ ok. | Federico G. Schwindt | |
| 2003-08-20 | spelling; e@molioner.dk | Theo de Raadt | |
| 2003-08-04 | several diffs from Niels as applied to NetBSD | Nikolay Sturm | |
| monkey.org/NetBSD commit messages: - get rid of retarded CWD handling. CWD is fixed to the CWD of the systrace that started everything. - normalize file name function - normalize CWD for cases where CWD has a symlink in it. should solve problems where CWD policies would not match. - avoid warning due to name collision. - fixed contrived race condition during attachment; from marius@monkey.org itojun@ ok | |||
| 2003-07-19 | - sync with NetBSD or Niels' tarball where appropriate | Nikolay Sturm | |
| - keeps local changes - fixes a bug in profile feedback optimization and avoids symbol conflicts with errno - new feature: "ask" action itojun@ ok | |||
| 2003-06-24 | decruft | Michael Shalayeff | |
| 2003-06-19 | remove unused code which allocated useless memory (which was not freed) | Peter Valchev | |
| ok provos itojun | |||
| 2003-06-16 | - limited number of processes per systrace | Jun-ichiro itojun Hagino | |
| - escape fixes for special characters markus, sturm ok. from provos | |||
| 2003-06-02 | prevents systrace from referencing freed memory; provos | Jun-ichiro itojun Hagino | |
| 2003-05-29 | >permit numberic values for uid and gid; allow "<" and ">" for less and | Jun-ichiro itojun Hagino | |
| >greate; requested by dugsong@, strum ok | |||
| 2003-05-17 | pull in a bugfix from systrace-current to let systrace deal with creating | Nikolay Sturm | |
| directories correctly OK itojun@, thanks to niels for the help | |||
| 2003-04-24 | fix for EOF in interactive policy generation. | Mike Pechkin | |
| millert@ provos@ | |||
| 2003-04-17 | use asprintf; fix (remove) some incorrectly sized buffers in the process | Peter Valchev | |
| help & ok millert, miod, deraadt, tedu | |||
| 2003-04-14 | room for NUL; tdeval | Theo de Raadt | |
| 2003-04-06 | strlcpy; tedu ok | Theo de Raadt | |
| 2003-03-28 | little cleanup; | Jason McIntyre | |
| systrace(1) ok provos@ | |||
| 2003-02-20 | Fix a crash in the systrace found by form@ | Artur Grabowski | |
| One is a kernel fix that changes the lockin and one is a userland fix that prevents dereferencing a freed pointer. From provos deraadt@ ok | |||
| 2003-02-18 | intial -> initial; | Jason McIntyre | |
| the great intial witch hunt, as prompted by tdeval@ os-aix-dso.c: ok henning@ ab.C: ok drahn@ | |||
| 2002-12-12 | Allow the log directive to work for non-translated syscalls as well. | Anil Madhavapeddy | |
| provos ok | |||
| 2002-12-11 | rename log->dolog, from thorpej@netbsd, ok provos | Anil Madhavapeddy | |
| 2002-12-09 | Restriction that -c args must be numeric. Motivation on privilege elevation. | Ian Darwin | |
| Environment variables (HOME,USER,CWD). File name details. Style fixes. ok provos@ | |||
| 2002-12-09 | add support for regular expressions and pidname translations. from provos | Jun-ichiro itojun Hagino | |
| 2002-12-09 | better parsing of # comments. from provos | Jun-ichiro itojun Hagino | |
| 2002-12-09 | prevent the use of permit for aliases. from provos | Jun-ichiro itojun Hagino | |
| 2002-12-05 | spelling; niels ok. | Federico G. Schwindt | |
| 2002-12-04 | rename to a new ioctl | Michael Shalayeff | |
| 2002-11-26 | avoid symbol conflict with "errno" | Jun-ichiro itojun Hagino | |
| 2002-11-26 | performance improvement by omitting a redundant getcwd. | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-11-26 | error should go to stderr. from provos | Jun-ichiro itojun Hagino | |
| 2002-11-16 | rename translation tables. from provos | Jun-ichiro itojun Hagino | |
| 2002-11-15 | no need to check trans_size. from provos | Jun-ichiro itojun Hagino | |
| 2002-11-12 | fix bug in determining execve name. from provos | Jun-ichiro itojun Hagino | |
| 2002-10-31 | typo, reported by avsm@openbsd | Jun-ichiro itojun Hagino | |
| 2002-10-28 | add missing "break". Alexander Yurchenko | Jun-ichiro itojun Hagino | |
| 2002-10-17 | little cleanup (intercept_getpid dies within the function on error). | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-10-16 | support for privilege elevation. | Jun-ichiro itojun Hagino | |
| with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos | |||
| 2002-10-16 | translation for socket system call | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-10-16 | correctly evaluate group predicates. | Jun-ichiro itojun Hagino | |
| afrom provos | |||
| 2002-10-09 | predicates are part of the grammar now; in non-root case, predicates are | Jun-ichiro itojun Hagino | |
| evaluated only once; in root case, predicates and variable expansion are dynamic. from provos | |||
| 2002-10-08 | "output" is a pointer of size "outlen", so use outlen instead of | Jun-ichiro itojun Hagino | |
| sizeof(output) From "Vincent Labrecque" <vincent@psyfreaks.ca> | |||
| 2002-10-08 | assume that inserting a template implies permit for the current | Jun-ichiro itojun Hagino | |
| syscall from provos | |||
| 2002-09-30 | fix return value; from marius@umich.edu via provos | Jun-ichiro itojun Hagino | |
| 2002-09-23 | support for templates. they allow fast generation of new policies. an | Jun-ichiro itojun Hagino | |
| appropriate template can be inserted during initial policy generation. from provos | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |