Age | Commit message (Expand) | Author |
2017-01-23 | Backwards compat for pledge "ioctl" for about a week | Theo de Raadt |
2017-01-23 | Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP only | Theo de Raadt |
2017-01-23 | whitespace | Theo de Raadt |
2017-01-21 | p_comm is the process's command and isn't per thread, so move it from | Philip Guenther |
2016-11-13 | Fix typo in comment: it's vm.loadavg, not kern.loadavg. | Theo Buehler |
2016-10-27 | For consistency, allow symlinkat(2) in the same way as symlink(2); | Ingo Schwarze |
2016-10-21 | pledge changes needed to support pledging vmd(8) on i386, forthcoming. | Mike Larkin |
2016-10-06 | In pledge_namei_wlpath() if resolvpath() errors out early it will not | Jonathan Gray |
2016-10-05 | Display the process's PID with p->p_p->ps_pid, not p->p_pid. | Philip Guenther |
2016-09-17 | NPF > 0 is a better test than SMALL for presence of pf. | Ted Unangst |
2016-09-04 | Remove sys_o58_kill since OpenBSD 6.0 has been tagged/released. | Joel Sing |
2016-08-31 | Delete unused ioctls and associated macros. Move macros that are still | Alexandre Ratchov |
2016-07-28 | Revert previous commit | Mike Belopuhov |
2016-07-28 | Convert ifq_deq_{begin,rollback,commit} dance to a single ifq_dequeue | Mike Belopuhov |
2016-07-12 | remove more noisy messages in "sendfd" and "recvfd" | Theo de Raadt |
2016-07-11 | be less noisy on console in case of "recvfd" refusal | Theo de Raadt |
2016-07-10 | pledge: use uint64_t instead of int for temporary storing a 64bit integer | Sebastien Marie |
2016-07-10 | Paranoia: check KTRPOINT() before calling ktrpledge() to guarantee we | Philip Guenther |
2016-07-03 | introduces new promise "chown" to allow changing owner/group with *chown(2) f... | Sebastien Marie |
2016-06-28 | in pledgereq (the array for doing correspondance between textual promise as i... | Sebastien Marie |
2016-06-27 | Restore the sys_o58_kill system call. | Joel Sing |
2016-06-27 | Implement IPV6_MINHOPCOUNT support. | Jeremie Courreges-Anglas |
2016-06-07 | per trending style, add continue to empty loops. | Ted Unangst |
2016-05-31 | sys_o58_kill is no longer needed for compat. | Theo de Raadt |
2016-05-31 | sys_osendsyslog can go away; we have transitioned to the new version with | Theo de Raadt |
2016-05-27 | rename(2) operation requires "rpath cpath" at the underlying operation | Theo de Raadt |
2016-05-15 | remove chroot(2) from allowed syscalls under pledge(2). | Sebastien Marie |
2016-04-28 | 1) Split pledge whitelist path handling out of pledge_namei() and into | Bob Beck |
2016-04-25 | simplifies the check for allowing only promises | Sebastien Marie |
2016-04-25 | removes an unneeded check on flags (used historically when tame(2) was using | Sebastien Marie |
2016-03-30 | Add getlogin_r syscall that checks and returns errors like userspace | Philip Guenther |
2016-03-25 | Silences compiler warnings, about used uninitialized variables. These lengths | Sebastien Marie |
2016-03-22 | allow fpathconf() in stdio mode, since it is an innocuous query | Theo de Raadt |
2016-03-21 | Rename the system call sendsyslog2 to sendsyslog. Keep the old one | Alexander Bluhm |
2016-03-16 | Expose new audio ioctls that do one thing only: start and stop DMA, | Alexandre Ratchov |
2016-03-15 | pledge: wl_paths: resolvpath() logic error | Sebastien Marie |
2016-03-15 | pledge: wl_paths: corrects a memory leak in error code path and an evaluation | Sebastien Marie |
2016-03-13 | keep disabled wl_paths for now. the expensiveness impact need to be better | Sebastien Marie |
2016-03-13 | reenable wl_paths (whitelisted-paths) in pledge(2) | Sebastien Marie |
2016-03-13 | pledge: replace #if 0 printf with DNPRINTF macro | Sebastien Marie |
2016-03-13 | pledge: let wl_paths works well with chroot | Sebastien Marie |
2016-03-13 | corrects on off-by-one error in pledge_namei() | Sebastien Marie |
2016-03-11 | pledge: define the meaning of passing NULL to one arguments of pledge(2) as "I | Sebastien Marie |
2016-02-17 | Return ENOTTY for TIOCFLUSH when allowed by pledge but the fd is | Todd C. Miller |
2016-01-19 | Check if the vnode type is VBAD (corresponds to disconnected | Alexandre Ratchov |
2016-01-18 | Add SYS_truncate as a "wpath" operation. Omission noticed by tb and sthen. | Theo de Raadt |
2016-01-09 | drop "abort" promise, and make it the default behaviour. | Sebastien Marie |
2016-01-08 | Add "vmm" pledge to allow restricted ioctl access to /dev/vmm. | Reyk Floeter |
2016-01-06 | turn off the whitepath code for now; we're not sure it's ready for release | Ted Unangst |
2016-01-06 | remove unnecessary casts where the incoming type is void *. | Ted Unangst |