Age | Commit message (Expand) | Author |
2015-10-18 | Move your drink further away... When a program pledged "getpw" fails to | Theo de Raadt |
2015-10-18 | TIOCSTI and TIOCSCTTY; oops got the condition backwards. | Theo de Raadt |
2015-10-18 | Allow read/write access to /dev/tty when using "tty" pledge. | Doug Hogan |
2015-10-18 | sync | Theo de Raadt |
2015-10-18 | Add two new system calls: dnssocket() and dnsconnect(). This creates a | Theo de Raadt |
2015-10-17 | naddy asks me if __tfork should be allowed by "proc". yes! | Theo de Raadt |
2015-10-17 | connect() to an AF_UNIX socket is really read/write, so tell pledge this | Theo de Raadt |
2015-10-17 | Allow the nasty ioctl TIOCSTI in "tty", but also require the "proc" | Theo de Raadt |
2015-10-17 | better wording in a comment | Theo de Raadt |
2015-10-17 | Unify TIOCGPGRP/TIOCGWINSZ/TIOCGWINSZ behaviour regarding ENOTTY return. | Theo de Raadt |
2015-10-17 | Allow TIOCSCTTY on tty devices, if the pledge says "tty id" | Theo de Raadt |
2015-10-17 | whitespace | Theo de Raadt |
2015-10-17 | Fix the code that sets up the MCH BAR on systems where the (buggy) BIOS | Mark Kettenis |
2015-10-17 | Spell all "unexpected mode %u" panics in lower case, not just one of them. | Stefan Sperling |
2015-10-17 | Fix build with IFMEDIA_DEBUG defined; ok sthen@ | Stefan Sperling |
2015-10-17 | Add pledge "id" support. This request permits setuid/seteuid/setresuid, | Theo de Raadt |
2015-10-17 | Allow a few 'get' ioctls for pledge("route"). route6d will soon use this. | Jeremie Courreges-Anglas |
2015-10-16 | Also allow 6 as a miblen for NET_RT_DUMP, not all users specify a rtable. | Jeremie Courreges-Anglas |
2015-10-16 | Make sched_barrier() use its own task queue to avoid deadlocks. | Martin Pieuchot |
2015-10-16 | Repair the pty check for kernels without pty support. | Theo de Raadt |
2015-10-16 | Allow PTMGET with "tty rpath wpath" but restrict only to /dev/ptm by | Nicholas Marriott |
2015-10-16 | Always allow a r/w opening of /dev/null though the namei check. This | Theo de Raadt |
2015-10-16 | delete pledge_bind_check() function and remove pledge_bind_check() call from ... | Sebastien Marie |
2015-10-16 | Place TIOCSTI reminder block better | Theo de Raadt |
2015-10-16 | For "tty" pledges, treat TIOCGPGRP and TIOCGWINSZ like TIOCGETA - | Theo de Raadt |
2015-10-16 | Implement real "flock" request and add it to userland programs that | Todd C. Miller |
2015-10-16 | If a DOWN route entry is passed to a L2 output function, be dumb and | Martin Pieuchot |
2015-10-16 | Put some iwm(4) debug code into #ifdef IWM_DEBUG. | Stefan Sperling |
2015-10-16 | Clean up iwm(4) scanning logic a bit: Reset sc_scanband in callers of | Stefan Sperling |
2015-10-16 | Oops, committed old version of previous diff with a typo in it: NLL -> NULL | Stefan Sperling |
2015-10-16 | In iwm(4), correctly size and map the mbuf used for large firmware commands. | Stefan Sperling |
2015-10-16 | FIOSETOWN/FIOGETOWN were added to "ioctl", but study finds no programs | Theo de Raadt |
2015-10-16 | Add TIOCCBRK and TIOCSDTR to the whitelist for pledge ioctl. | Doug Hogan |
2015-10-15 | When using a pf rule with both nat-to and rdr-to, it could happen | Alexander Bluhm |
2015-10-15 | No need to create links for xxboot now that MI installboot is the preferred | Miod Vallat |
2015-10-15 | Add TIOCFLUSH to "tty" in support of tcflush() | Theo de Raadt |
2015-10-15 | Exposing FIOASYNC in pledge "ioctl" is a mistake; remove it, cannot find safe... | Theo de Raadt |
2015-10-15 | Let the rx path of cnmac run without the kernel lock. To avoid the need | Visa Hankala |
2015-10-15 | Fix previous. The port number is not included in sc_src and it is | YASUOKA Masahiko |
2015-10-15 | in6_pcbconnect() returns EADDRNOTAVAIL when | Vincent Gross |
2015-10-15 | FIOCLEX & FIONCLEX should be in base ioctl set | Theo de Raadt |
2015-10-15 | avoid using a var uninitialised | Jonathan Gray |
2015-10-14 | FALTHROUGH->FALLTHROUGH in comment, ok deraadt a few days ago | Stuart Henderson |
2015-10-14 | Add a dummy "flock" request that will allow file locking. It is | Todd C. Miller |
2015-10-14 | When pledged with "fattr", allow chown to supplimentary groups. This | Theo de Raadt |
2015-10-14 | Init a variable in the recently added carp_vhe_match() function clang | Jonathan Gray |
2015-10-14 | Reset the RTF_CONNECTED flag when cloning an entry. | Martin Pieuchot |
2015-10-14 | Rewrite the logic around the dymanic array of routing tables to help | Martin Pieuchot |
2015-10-14 | pledge "tty" can allow ioctl TIOCEXCL on a tty | Theo de Raadt |
2015-10-14 | sendmsg() is allowed to pass cmsg's which are not CMSG_RIGHTS - last | Theo de Raadt |