Age | Commit message (Collapse) | Author | |
---|---|---|---|
2002-10-09 | predicates are part of the grammar now; in non-root case, predicates are | Jun-ichiro itojun Hagino | |
evaluated only once; in root case, predicates and variable expansion are dynamic. from provos | |||
2002-10-08 | "output" is a pointer of size "outlen", so use outlen instead of | Jun-ichiro itojun Hagino | |
sizeof(output) From "Vincent Labrecque" <vincent@psyfreaks.ca> | |||
2002-10-08 | assume that inserting a template implies permit for the current | Jun-ichiro itojun Hagino | |
syscall from provos | |||
2002-09-30 | fix return value; from marius@umich.edu via provos | Jun-ichiro itojun Hagino | |
2002-09-23 | support for templates. they allow fast generation of new policies. an | Jun-ichiro itojun Hagino | |
appropriate template can be inserted during initial policy generation. from provos | |||
2002-09-17 | split white space and single line policy processing into separate | Jun-ichiro itojun Hagino | |
functions. from provos | |||
2002-09-17 | daemon should not change the directory. from provos | Jun-ichiro itojun Hagino | |
2002-09-16 | periodically save policies that have been modified. from provos | Jun-ichiro itojun Hagino | |
>here is a diff that will cause systrace to periodically save policies >that have been modified. Useful if you run systrace on an xterm and >kill it accidently. Or other applications like opera that are long >running and can cause weird crashes. | |||
2002-09-06 | standalone ; at top scope is illegal in ansi c | Theo de Raadt | |
2002-08-30 | allow # in system call name. remove trailing white space. | Jun-ichiro itojun Hagino | |
from provos | |||
2002-08-28 | avoid symbol conflict (errno) | Jun-ichiro itojun Hagino | |
2002-08-28 | fix systrace with chroot. from provos | Jun-ichiro itojun Hagino | |
2002-08-08 | no \n in err | Niels Provos | |
2002-08-08 | if getcwd fails and we continue dont restcwd. | Niels Provos | |
2002-08-07 | deal better with interrupted system calls | Niels Provos | |
2002-08-07 | typo | Vincent Labrecque | |
ok provos@ | |||
2002-08-05 | allow to specify an alternate directory for policy loading and writing | Niels Provos | |
2002-08-05 | uid and gid are not guaranteed to be aligned on a register_t sized boundary. | Jason Wright | |
Use a temporary location and then copy the value into place. provos ok. | |||
2002-08-05 | increase buffer size for getstring, useful for execve arguments. | Niels Provos | |
intercept_filename deals better with symlinked last component lookups. change some translations to use unlinkname. | |||
2002-08-05 | different translation for lstat | Niels Provos | |
2002-08-04 | keep track of ppid and allow matching rules to be logged via syslog. | Niels Provos | |
2002-08-02 | performance improvement, reduces number of ioctl calls | Niels Provos | |
2002-08-01 | correctly separate execve argv arguments. increase buffer size for | Niels Provos | |
get_string | |||
2002-08-01 | the last component in a filename for unlink may be a symlink | Niels Provos | |
2002-07-31 | bring in doc updates from netbsd. niels ok | Jun-ichiro itojun Hagino | |
2002-07-30 | obey section order to mandoc. sync with netbsd. | Jun-ichiro itojun Hagino | |
2002-07-30 | use Nm | Jun-ichiro itojun Hagino | |
2002-07-30 | sometimes no-return syscalls (execve) emit errno < 0. ignore them. | Jun-ichiro itojun Hagino | |
2002-07-30 | sync function decl and prototype (static-ness) | Jun-ichiro itojun Hagino | |
2002-07-30 | avoid using same variable name for global and auto variable. | Jun-ichiro itojun Hagino | |
2002-07-30 | oops, i've been looking at older tree.h | Jun-ichiro itojun Hagino | |
2002-07-30 | SPLAY_INSERT is a void function | Jun-ichiro itojun Hagino | |
2002-07-30 | sync prototype for yyerror(). | Jun-ichiro itojun Hagino | |
2002-07-30 | include filter.h, dont' duplicate prototype | Jun-ichiro itojun Hagino | |
2002-07-30 | extern decls should be outside of function. | Jun-ichiro itojun Hagino | |
2002-07-30 | solve a problem with realpath when the last component of the path is | Niels Provos | |
a directory without S_IXUSR; tested by me and dugsong. | |||
2002-07-22 | add seqnr to message from kernel, userland needs to quote correct seqnr. | Niels Provos | |
avoids problems where tsleep has been interrupted by a signal. | |||
2002-07-20 | compile on sparc64 | Niels Provos | |
2002-07-19 | you can't always cast pointer to int; use intptr_t. | Jun-ichiro itojun Hagino | |
2002-07-19 | constify, have missing prototypes, use pedantic compilation options. | Jun-ichiro itojun Hagino | |
niels ok | |||
2002-07-17 | on detach or kill do not do argument replacement | Niels Provos | |
2002-07-16 | link translation for linux emulation, too. | Niels Provos | |
2002-07-16 | translation for link system call | Niels Provos | |
2002-07-16 | internal uid/gid tracking. permit can not detach systrace, useful for | Niels Provos | |
sshd. | |||
2002-07-14 | argv translation for exeve | Niels Provos | |
2002-07-13 | uname translation | Niels Provos | |
2002-07-13 | use correct length for PF_LOCAL sockets; not all applications fill in | Niels Provos | |
sa_len | |||
2002-07-12 | some clean up. install argument replacements only if we are going to | Niels Provos | |
permit the system call. translate some set[e]{g,u}id calls | |||
2002-07-11 | cleanup | Niels Provos | |
2002-07-10 | make it work with chroot | Niels Provos | |