summaryrefslogtreecommitdiff
path: root/bin
AgeCommit message (Collapse)Author
2002-06-28KNFTheo de Raadt
2002-06-22gid is u_intTheo de Raadt
2002-06-22uid are unsigned outside of germanyTheo de Raadt
2002-06-22replace argument only if it is not copied in the kernel already (has lengthNiels Provos
> 0)
2002-06-21No .Pp before .Sh; from wiz@danbala.ifoer.tuwien.ac.atNiels Provos
2002-06-21change BUGS section to mention that only clone is a problem now.Niels Provos
2002-06-21rewrite all system call arguments in the permit case. use realpathNiels Provos
when we still have the root and we of the monitored process. this eliminates almost all race coniditions.
2002-06-20mention shared memory races in bugs section.Niels Provos
2002-06-19more careful buffer handling; pointed out by deraadt@Niels Provos
2002-06-18string.hTheo de Raadt
2002-06-18add x flag for systraced processes; mentioned by christos@netbsdNiels Provos
document missing flags from proc.h
2002-06-18KNFTheo de Raadt
2002-06-13explain filter operandsNiels Provos
2002-06-12gui needs to be started after child has been forked to prevent fds fromNiels Provos
being inherited and stdout/stdin from being mangled; from xs@kittenz.org
2002-06-12unused variableArtur Grabowski
2002-06-11change a few buffers to 2*MAXPATHLEN; pob deraadt@Niels Provos
2002-06-11kill err(3) newlines; ok provos@Jason Peel
2002-06-11typoMatthieu Herrb
2002-06-10document -pNiels Provos
2002-06-10support attaching to a running process; some code by fries@Niels Provos
2002-06-09revert one of wrong strlcpy() changeJun-ichiro itojun Hagino
2002-06-09knfTodd T. Fries
2002-06-09Fix the start time on sysctl kvm.Artur Grabowski
2002-06-09knfTodd T. Fries
2002-06-09rm trailing whitespaceTodd T. Fries
2002-06-09some knf.Todd T. Fries
2002-06-09some knf.Todd T. Fries
2002-06-09spelling; moritz@jodeit.orgTheo de Raadt
2002-06-09allow numeric group ID (group ID appear in /etc/passwd, but not in /etc/group)Jun-ichiro itojun Hagino
niels ok
2002-06-09strlcpy fix, PR 2727Jun-ichiro itojun Hagino
2002-06-08This doesn't need to be setgid operator; it was only set so usersAngelos D. Keromytis
could do "df /dev/rwd0a" or some such, but arguably only operators (or root) care about this, and they should already be on the operator group.
2002-06-08Use KVM_NO_FILES and remove the setgid.Artur Grabowski
2002-06-07explain about permit[inherit] for execveNiels Provos
2002-06-07use profiling to order filter lists more optimally.Niels Provos
2002-06-06enable systrace; pointed out by openbsd@davidkrause.comNiels Provos
2002-06-06Delete dublicate entry. Different patch from dfa@solo.ee applied.Mike Pechkin
millert@ ok
2002-06-06fix automatic policy generation for system calls that have the same argsNiels Provos
twice, like rename. problem found by gustavo
2002-06-05append predicate, instead of prepending. makes rules sortable again.Niels Provos
pointed out by dugsong@
2002-06-05support simple predicates to prefix rules. Allows global policies to beNiels Provos
different for different users.
2002-06-05dump policies only if user policy is specified.Niels Provos
2002-06-05stab at describing grammarNiels Provos
2002-06-05no special case of execve.Niels Provos
2002-06-05proper handling for .y and .l such that dependancies get generatedMichael Shalayeff
2002-06-05rcsidsMichael Shalayeff
2002-06-05introduce an automatic policy generation mode. it creates a policy basedNiels Provos
on what the application tries to do. the policy can be refined further on.
2002-06-05inpath logic, for example, filename inpath "$CWD"Niels Provos
2002-06-05know about CWD. will make some filter rules simpler.Niels Provos
2002-06-05My turn to help:Mike Pechkin
o) start new sentence on a new line;
2002-06-05document pgid usage; ok millert@Jason Peel
2002-06-04setup user systrace dir only if user policies are used.Niels Provos