| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-10-16 | support for privilege elevation. | Jun-ichiro itojun Hagino | |
| with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos | |||
| 2002-10-16 | translation for socket system call | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-10-16 | correctly evaluate group predicates. | Jun-ichiro itojun Hagino | |
| afrom provos | |||
| 2002-10-16 | enable meta key in emacs mode for 7-bit locales; provos@ | Todd C. Miller | |
| 2002-10-15 | Time ranges were documented incorrectly; Christian von Roques | Todd C. Miller | |
| We should probably add support for specifying the century too... | |||
| 2002-10-09 | predicates are part of the grammar now; in non-root case, predicates are | Jun-ichiro itojun Hagino | |
| evaluated only once; in root case, predicates and variable expansion are dynamic. from provos | |||
| 2002-10-08 | "output" is a pointer of size "outlen", so use outlen instead of | Jun-ichiro itojun Hagino | |
| sizeof(output) From "Vincent Labrecque" <vincent@psyfreaks.ca> | |||
| 2002-10-08 | assume that inserting a template implies permit for the current | Jun-ichiro itojun Hagino | |
| syscall from provos | |||
| 2002-10-07 | int -> uid_t | Vincent Labrecque | |
| ok millert | |||
| 2002-10-04 | wrong word; cjeker@diehard.n-r-g.com | Theo de Raadt | |
| 2002-09-30 | When using "nl" as an argument to .Fl, escape nl to make it literal, | Todd C. Miller | |
| else it is interpreted as a command and doesn't format correctly. deraadt@ OK | |||
| 2002-09-30 | fix return value; from marius@umich.edu via provos | Jun-ichiro itojun Hagino | |
| 2002-09-23 | support for templates. they allow fast generation of new policies. an | Jun-ichiro itojun Hagino | |
| appropriate template can be inserted during initial policy generation. from provos | |||
| 2002-09-18 | fix Xr refs; frisco@blackant.net | Theo de Raadt | |
| 2002-09-17 | split white space and single line policy processing into separate | Jun-ichiro itojun Hagino | |
| functions. from provos | |||
| 2002-09-17 | daemon should not change the directory. from provos | Jun-ichiro itojun Hagino | |
| 2002-09-16 | periodically save policies that have been modified. from provos | Jun-ichiro itojun Hagino | |
| >here is a diff that will cause systrace to periodically save policies >that have been modified. Useful if you run systrace on an xterm and >kill it accidently. Or other applications like opera that are long >running and can cause weird crashes. | |||
| 2002-09-06 | standalone ; at top scope is illegal in ansi c | Theo de Raadt | |
| 2002-09-06 | no , at end of enum | Theo de Raadt | |
| 2002-09-06 | cast nicely, for cbc_decode() and cbc_encode() | Theo de Raadt | |
| 2002-09-06 | do not return void | Theo de Raadt | |
| 2002-09-06 | KNF | Theo de Raadt | |
| 2002-09-04 | toast uprocp format keyword; peterw@ifost.org.au | Theo de Raadt | |
| 2002-08-31 | Unbreak. We have situations where last space in the line is required. | Mike Pechkin | |
| From dfa@openbsd.ru | |||
| 2002-08-30 | allow # in system call name. remove trailing white space. | Jun-ichiro itojun Hagino | |
| from provos | |||
| 2002-08-28 | avoid symbol conflict (errno) | Jun-ichiro itojun Hagino | |
| 2002-08-28 | fix systrace with chroot. from provos | Jun-ichiro itojun Hagino | |
| 2002-08-20 | Fix error string | Jason Wright | |
| 2002-08-12 | Swap args to calloc(3) so they are in the correct order; art@ ok. | Aaron Campbell | |
| 2002-08-11 | enable COMPLEX_HISTORY. sh/ksh history will now work | Marco S Hyman | |
| as described in the man page. OK millert@ | |||
| 2002-08-08 | no \n in err | Niels Provos | |
| 2002-08-08 | if getcwd fails and we continue dont restcwd. | Niels Provos | |
| 2002-08-07 | deal better with interrupted system calls | Niels Provos | |
| 2002-08-07 | typo | Vincent Labrecque | |
| ok provos@ | |||
| 2002-08-05 | allow to specify an alternate directory for policy loading and writing | Niels Provos | |
| 2002-08-05 | uid and gid are not guaranteed to be aligned on a register_t sized boundary. | Jason Wright | |
| Use a temporary location and then copy the value into place. provos ok. | |||
| 2002-08-05 | increase buffer size for getstring, useful for execve arguments. | Niels Provos | |
| intercept_filename deals better with symlinked last component lookups. change some translations to use unlinkname. | |||
| 2002-08-05 | different translation for lstat | Niels Provos | |
| 2002-08-04 | keep track of ppid and allow matching rules to be logged via syslog. | Niels Provos | |
| 2002-08-03 | register -> int | Marco S Hyman | |
| 2002-08-02 | performance improvement, reduces number of ioctl calls | Niels Provos | |
| 2002-08-01 | utmp.h not needed | Theo de Raadt | |
| 2002-08-01 | correctly separate execve argv arguments. increase buffer size for | Niels Provos | |
| get_string | |||
| 2002-08-01 | the last component in a filename for unlink may be a symlink | Niels Provos | |
| 2002-07-31 | bring in doc updates from netbsd. niels ok | Jun-ichiro itojun Hagino | |
| 2002-07-30 | obey section order to mandoc. sync with netbsd. | Jun-ichiro itojun Hagino | |
| 2002-07-30 | use Nm | Jun-ichiro itojun Hagino | |
| 2002-07-30 | sometimes no-return syscalls (execve) emit errno < 0. ignore them. | Jun-ichiro itojun Hagino | |
| 2002-07-30 | sync function decl and prototype (static-ness) | Jun-ichiro itojun Hagino | |
| 2002-07-30 | avoid using same variable name for global and auto variable. | Jun-ichiro itojun Hagino | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |