src - OpenBSD base system

Age	Commit message (Collapse)	Author
2005-11-11	do not scan afs/xfs directories; chris.kuethe	Theo de Raadt

2005-02-22	Avoid spurious "globally exported" warning. Noted by jared r r spiegel.	Otto Moerbeek
	ok henning@
2005-02-07	indentation whitespace nits	David Krause

2005-01-06	- document /etc/security's .secure hooks	Jason McIntyre
	- sync the comments in /etc/security ok millert@
2004-08-25	Use $file shorthand instead of specifying /var/backups/disklabel.$d.	Todd C. Miller
	Noticed by ian@
2004-08-25	store a copy of the disklabel for mounted filesystems and report changes	Todd C. Miller
	OK deraadt@
2003-12-28	Update based on PR 2208:	Otto Moerbeek
	o Prepare for the update to join(1). o Handle non-ascii chars in pathnames for setuid and device checks. ok millert@ deraadt@
2003-11-28	fix regexp for group names	Nikolay Sturm
	ok millert@
2003-07-07	when testing passwd(5) expire field, force its value to an int before	Todd C. Miller
	checking for non-zero since an empty field is equivalent to 0. Problem noted by Graeme Lee.
2003-07-03	Fix setting of umaskset. Also, there is no need to use TMP3 for	Todd C. Miller
	umask detection.
2003-07-01	We need the "/ 10" in the group writability check after all; marc@	Todd C. Miller

2003-07-01	Make the test for unsafe umask more bullet-proof. With help from marc@	Todd C. Miller

2003-06-30	some more extra mktemp randomness; millert@ ok	Anil Madhavapeddy

2003-06-15	The hyphen in regexp should really be escaped	Alexander Yurchenko
	ok millert@
2003-06-13	Add dot ('.') in usernames too for consistency with adduser/useradd.	Todd C. Miller
	Noted by Brian Poole
2003-06-12	Don't complain about usernames that end in '$' which may be needed by	Todd C. Miller
	samba; this is consistent with useradd and adduser. From Dan Brosemer.
2003-04-08	Use POSIX chown semantics (user:group); noted by Leandro Costa	Todd C. Miller

2002-12-30	put bin dirs before sbin dirs in PATH for consistency with other cron scripts	Todd C. Miller

2002-12-15	writeable -> writable; torh at bogus dot net	Henning Brauer

2002-07-23	check account expiration time as well; from hamajima@nagoya.ydc.co.jp pr2835	Peter Valchev

2002-07-17	don't complain about our new usernames that start with underscores	joshua stein
	deraadt and millert ok
2002-05-22	Check for S/Key entries in /etc/skey, not /etc/skeyeys; David Krause	Todd C. Miller
	We could use skeyinfo(1) to check but this is much cheaper.
2002-02-18	use mktemp; help & ok millert	Peter Valchev

2001-10-01	mtree -l (loose permissions check) on /etc/mtree/special. ok millert@.	Jakob Schlyter

2001-04-06	fix username and groupname length checks.	Brad Smith
	-- Patch from: wilfried@ via PR#1761 Ok'd by: deraadt@
2001-04-05	Skip entries starting with '+' in duplicate user ID check so we don't	Todd C. Miller
	get false positives for YP stuff. Closes PR 1755
2001-03-25	Don't provide diffs of sensitive files like ssh host keys. Instead,	Todd C. Miller
	just save the md5 checksums so we can still determine when something change. Entries in /etc/changelist that are prefixed with a '+' will only have their md5 checksums saved, not the actual files.
2001-03-16	Add ~/.ssh/id_dsa and ~/.ssh/id_rsa to the "must be owned by user and	Todd C. Miller
	not readable by other" block. Remove ~/.ssh/random_seed as it is not used in OpenSSH. Add ~/.ssh/authorized_keys2, and ~/.ssh/known_hosts to the "must be owned by user and not writable" block.
2001-01-31	more fat utmp; ianm@cit.uws.edu.au	Theo de Raadt

2000-12-22	gnupg ring/data ownership/permission checking added; ok millert@	Todd T. Fries

2000-12-17	Todd, Aaron, Dug, and me all prefer unidiff	Marco S Hyman

2000-10-20	Since sh's bulitin echo(1) supports /t and /n there is no reason to	Todd C. Miller
	use printf(1) here. This way there is no possibility of format string problems and we use a shell builtin instead of an external command.
2000-10-18	printf(1) format string fixes! checked by theo.	Hugh Graham
	inspiration from dynamo@ime.net. also a typo fix.
2000-10-06	When including the listing of a directory in root's security mail, pass the	Aaron Campbell
	-q flag to ls(1) so that non-printable characters will appear as '?'. This prevents a malicious user from fooling the administrator into thinking the contents of a file name are actually valid script output (note that you can put newlines in file names); deraadt@ ok
2000-07-23	Add a little blurb explaing the meaning of mtree's output.	Bruno Rohee
	millert@ ok.
2000-06-18	fix inspired by pr 744 from karls@inet.no	Todd T. Fries
	changed so files are e.g. backups/etc_passwd not backups/_etc_passwd
2000-05-26	Capitalize 'id' to be consistent with our man pages.	Aaron Campbell

2000-04-16	sendmail support files now live in /etc/mail	Todd C. Miller

2000-02-29	existance -> existence	Aaron Campbell

1999-11-22	match /dev/fd{0,1,2,3}{,B,C,D,E,F,G,H}[abcdefghijklmnop] when doing device ↵	Todd C. Miller
	checks; closes PR #750
1999-06-19	Give line printout along with line number.	Marc Espie

1998-11-22	make /var/backups same as mtree says; mickey	Theo de Raadt

1998-08-17	don't include FIFOs in check for set[ug]id files and devices; andrew@nfr.net	Todd C. Miller

1998-07-11	better checks for . in path from "Denis A. Doroshenko" <cyxob@isl.vtu.lt>	Marco S Hyman

1998-05-10	Check a few more DOTfiles that could potentially compromise security on a per	Todd T. Fries
	user basis.
1998-03-22	fix ksh.kshrc; check ksh.kshrc, .kshrc for owner/mode/path	Marco S Hyman

1998-02-25	Deal with non-existent /etc/skeykeys	Todd C. Miller

1997-12-28	be more careful during termination	Theo de Raadt

1997-11-17	completely avoid master.passwd in the changelist processing; ↵	Theo de Raadt
	jbernard@tater.mines.edu
1997-10-05	handling for closed home directories; yensid@afri.imsa.edu	Theo de Raadt