summaryrefslogtreecommitdiff
path: root/bin
AgeCommit message (Expand)Author
2015-10-12indent the builtin text a little, for naddy;Jason McIntyre
2015-10-12Revert the pledge() call on pax/ar_io.c for now.Sebastien Marie
2015-10-12preservation modes can adjust setugid bits, so no pledge is possible.Theo de Raadt
2015-10-11Don't return errno from main()Philip Guenther
2015-10-11pledge "stdio tty" works once the kernel allows TIOCGWINSZ. Do the pledgeTheo de Raadt
2015-10-11Don't allow "rm -rf /"Daniel Dickman
2015-10-10Pledge that ln only needs "stdio rpath cpath".Doug Hogan
2015-10-10Add a define for the invalid state, from mksh via Michael McConville.Nicholas Marriott
2015-10-10Kill pledges to only use "stdio proc".Doug Hogan
2015-10-10normalize a few more tame request orderings, to help reviewTheo de Raadt
2015-10-10normalize the ordering of tame requests (particularily, "rpath wpath cpath",Theo de Raadt
2015-10-10Replace calls to x_emacs_putbuf() with x_do_ins() since allTodd C. Miller
2015-10-10Unused macros; from Michael McConville.Nicholas Marriott
2015-10-10Move more declarations out of proto.h into better headers, from MichaelNicholas Marriott
2015-10-10ksh can run with pledge "stdio rpath wpath cpath getpw fattr proc exec tty"Theo de Raadt
2015-10-09The variable errmsg can be static in main.c if code in re.c uses an ownTobias Stoeckmann
2015-10-09Define functions as static when they are not used outside their own c-files.Tobias Stoeckmann
2015-10-09Lexer states are not needed outside of lex.c.Todd C. Miller
2015-10-09Mark static globals that are only used in their respective .c files.Todd C. Miller
2015-10-09remove null check before afree. from Michael McConvilleTed Unangst
2015-10-09pare down the readme so as to not imply we are tracking upstream.Ted Unangst
2015-10-09Change all tame callers to namechange to pledge(2).Theo de Raadt
2015-10-08stop trying to gift history files to the original owner. instead, don'tTed Unangst
2015-10-08little cleanup from Michael McConville, mostly related to stale comments.Ted Unangst
2015-10-08the -P flag overwrites files, so it needs tame "stdio rpath wpath cpath".Theo de Raadt
2015-10-08Try again. Both -R and -p prevent use of tame, but other cases can use it.Theo de Raadt
2015-10-08ah, fchflags. We will come back to this issue laterTheo de Raadt
2015-10-07tame "stdio cpath". The cpath is for rmdir(). Tame bundles all the systemTheo de Raadt
2015-10-07We cannot tame if -R is specified, because mknod and mkfifo may be called.Theo de Raadt
2015-10-07tame "stdio cpath rpath fattr", unless mkdir -m is passed a mode whichTheo de Raadt
2015-10-07tame "stdio rpath wpath". rpath is for localtime() and mktime(),Theo de Raadt
2015-10-07tame "stdio rpath wpath cpath proc exec tty". proc and exec because edTheo de Raadt
2015-10-06Remove an old and broken test snippet, from Michael McConville. ok millertNicholas Marriott
2015-10-06Drop the silly and distracting ACCEPT and REJECT macros, from MichaelNicholas Marriott
2015-10-06Move tree.c protos into tree.h, from Michael McConville, ok millertNicholas Marriott
2015-10-06we're running rm. call it rm too.Ted Unangst
2015-10-05Remove EXTERN from lex.h and put the definitions in lex.c, from MichaelNicholas Marriott
2015-10-05Remove EXTERN from table.h and put the definitions in table.c, fromNicholas Marriott
2015-10-05tame "stdio rpath" works for all use cases of pwd(1). In part thisTheo de Raadt
2015-10-04expr can use tame "stdio"Theo de Raadt
2015-10-04ls can use tame "stdio rpath getpw". It does uid/gid lookups, usingTheo de Raadt
2015-10-04df is a tame "stdio rpath" program, the rpath due to getfsstat and statfs.Theo de Raadt
2015-10-04Remove useless pattern_t typedef, POSIX regex is here to stay soTodd C. Miller
2015-10-04Remove #ifdefs for non-POSIX systems. Also remove #ifdef forTodd C. Miller
2015-10-04after dd has opened it's files and done the tape positioning ioctl, weTheo de Raadt
2015-10-04Repair tame() error check to be == -1Theo de Raadt
2015-10-03tame "stdio rpath" is sufficient for all the operations done by test(1)Theo de Raadt
2015-10-03obvious tame "stdio rpath"Theo de Raadt
2015-10-03oops! cannot tame the chmod case, because the kernel drops theTheo de Raadt
2015-10-03hard to think of a simple program to add tame to. tame "stdio", obviously.Theo de Raadt