| Age | Commit message (Expand) | Author |
|---|
| 2015-10-12 | preservation modes can adjust setugid bits, so no pledge is possible. | Theo de Raadt |
| 2015-10-11 | Don't return errno from main() | Philip Guenther |
| 2015-10-11 | pledge "stdio tty" works once the kernel allows TIOCGWINSZ. Do the pledge | Theo de Raadt |
| 2015-10-11 | Don't allow "rm -rf /" | Daniel Dickman |
| 2015-10-10 | Pledge that ln only needs "stdio rpath cpath". | Doug Hogan |
| 2015-10-10 | Add a define for the invalid state, from mksh via Michael McConville. | Nicholas Marriott |
| 2015-10-10 | Kill pledges to only use "stdio proc". | Doug Hogan |
| 2015-10-10 | normalize a few more tame request orderings, to help review | Theo de Raadt |
| 2015-10-10 | normalize the ordering of tame requests (particularily, "rpath wpath cpath", | Theo de Raadt |
| 2015-10-10 | Replace calls to x_emacs_putbuf() with x_do_ins() since all | Todd C. Miller |
| 2015-10-10 | Unused macros; from Michael McConville. | Nicholas Marriott |
| 2015-10-10 | Move more declarations out of proto.h into better headers, from Michael | Nicholas Marriott |
| 2015-10-10 | ksh can run with pledge "stdio rpath wpath cpath getpw fattr proc exec tty" | Theo de Raadt |
| 2015-10-09 | The variable errmsg can be static in main.c if code in re.c uses an own | Tobias Stoeckmann |
| 2015-10-09 | Define functions as static when they are not used outside their own c-files. | Tobias Stoeckmann |
| 2015-10-09 | Lexer states are not needed outside of lex.c. | Todd C. Miller |
| 2015-10-09 | Mark static globals that are only used in their respective .c files. | Todd C. Miller |
| 2015-10-09 | remove null check before afree. from Michael McConville | Ted Unangst |
| 2015-10-09 | pare down the readme so as to not imply we are tracking upstream. | Ted Unangst |
| 2015-10-09 | Change all tame callers to namechange to pledge(2). | Theo de Raadt |
| 2015-10-08 | stop trying to gift history files to the original owner. instead, don't | Ted Unangst |
| 2015-10-08 | little cleanup from Michael McConville, mostly related to stale comments. | Ted Unangst |
| 2015-10-08 | the -P flag overwrites files, so it needs tame "stdio rpath wpath cpath". | Theo de Raadt |
| 2015-10-08 | Try again. Both -R and -p prevent use of tame, but other cases can use it. | Theo de Raadt |
| 2015-10-08 | ah, fchflags. We will come back to this issue later | Theo de Raadt |
| 2015-10-07 | tame "stdio cpath". The cpath is for rmdir(). Tame bundles all the system | Theo de Raadt |
| 2015-10-07 | We cannot tame if -R is specified, because mknod and mkfifo may be called. | Theo de Raadt |
| 2015-10-07 | tame "stdio cpath rpath fattr", unless mkdir -m is passed a mode which | Theo de Raadt |
| 2015-10-07 | tame "stdio rpath wpath". rpath is for localtime() and mktime(), | Theo de Raadt |
| 2015-10-07 | tame "stdio rpath wpath cpath proc exec tty". proc and exec because ed | Theo de Raadt |
| 2015-10-06 | Remove an old and broken test snippet, from Michael McConville. ok millert | Nicholas Marriott |
| 2015-10-06 | Drop the silly and distracting ACCEPT and REJECT macros, from Michael | Nicholas Marriott |
| 2015-10-06 | Move tree.c protos into tree.h, from Michael McConville, ok millert | Nicholas Marriott |
| 2015-10-06 | we're running rm. call it rm too. | Ted Unangst |
| 2015-10-05 | Remove EXTERN from lex.h and put the definitions in lex.c, from Michael | Nicholas Marriott |
| 2015-10-05 | Remove EXTERN from table.h and put the definitions in table.c, from | Nicholas Marriott |
| 2015-10-05 | tame "stdio rpath" works for all use cases of pwd(1). In part this | Theo de Raadt |
| 2015-10-04 | expr can use tame "stdio" | Theo de Raadt |
| 2015-10-04 | ls can use tame "stdio rpath getpw". It does uid/gid lookups, using | Theo de Raadt |
| 2015-10-04 | df is a tame "stdio rpath" program, the rpath due to getfsstat and statfs. | Theo de Raadt |
| 2015-10-04 | Remove useless pattern_t typedef, POSIX regex is here to stay so | Todd C. Miller |
| 2015-10-04 | Remove #ifdefs for non-POSIX systems. Also remove #ifdef for | Todd C. Miller |
| 2015-10-04 | after dd has opened it's files and done the tape positioning ioctl, we | Theo de Raadt |
| 2015-10-04 | Repair tame() error check to be == -1 | Theo de Raadt |
| 2015-10-03 | tame "stdio rpath" is sufficient for all the operations done by test(1) | Theo de Raadt |
| 2015-10-03 | obvious tame "stdio rpath" | Theo de Raadt |
| 2015-10-03 | oops! cannot tame the chmod case, because the kernel drops the | Theo de Raadt |
| 2015-10-03 | hard to think of a simple program to add tame to. tame "stdio", obviously. | Theo de Raadt |
| 2015-10-03 | the chmod & chflags codepaths can use tame "stdio rpath fattr". the | Theo de Raadt |
| 2015-10-03 | KNF | Theo de Raadt |
