summaryrefslogtreecommitdiff
path: root/usr.sbin/tcpdump/privsep.c
AgeCommit message (Expand)Author
2018-08-08mestre and I can find no reason why the pledge has "unix". DisableTheo de Raadt
2017-09-08Whoops, remove extra include.Bryan Steele
2017-09-08fork+exec model for tcpdump(8); re-exec the privileged child after forkBryan Steele
2017-06-14Don't support loading appletalk addresses from /etc/appletalk.names.Michal Mazurek
2017-01-23Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyTheo de Raadt
2016-07-25err() instead of errx(); noted by timTheo de Raadt
2016-07-24Split the root vs not-root cases better with regards to chroot setup.Theo de Raadt
2016-07-212004 privsep caused "tcpdump -r" to became a priviledged operation becauseTheo de Raadt
2015-12-05Remove two sets of NULL-checks before free().mmcc
2015-11-03Surround pledge call with blank lines.mmcc
2015-10-09Change all tame callers to namechange to pledge(2).Theo de Raadt
2015-10-06Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on whichTheo de Raadt
2015-10-03tcpdump is two-process privsep.Theo de Raadt
2015-08-21since stdlib.h is in scope, don't cast.... you know the drill.Theo de Raadt
2015-07-14Move the BIOCGSTATS ioctl operation done by the tcpdump processTheo de Raadt
2015-03-15tzfile.h is an internal header that should never have been installed.Todd C. Miller
2015-01-20Adjust <sys/param.h> comments regarding use of use of MSIZE, orTheo de Raadt
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2011-09-22Revert r1.29. Now that the "C" locale is ASCII-only, this workaroundStefan Sperling
2011-04-03Call setlocale() to avoid display glitches in UTF-8 locales.Stefan Sperling
2009-04-17correcto in comment; from Amarendra GodboleJason McIntyre
2008-04-18add filtering on direction; ok mpf@ deraadt@ feedback jmc@Damien Miller
2007-11-27typos; ok jmc@Martynas Venckus
2006-04-22Set signal handlers directly after the fork(2), so that we avoidMoritz Jodeit
2006-04-22Remove remaining stuff from state QUIT, adjust some commentsMoritz Jodeit
2006-04-21Add comments to please lint. No code changes. OK deraadtChad Loder
2005-09-23Only allow root to run tcpdump. It's needed for the chroot security.Otto Moerbeek
2005-05-23Call endpwent() _after_ we're done with the struct passwd fields.Otto Moerbeek
2005-05-22correct comments and function namens to reflect new parent/childMoritz Jodeit
2005-05-22fix signal race in statistics output. ok cloder@ henning@Moritz Jodeit
2005-05-03more setres[ug]id; ok deraadt@Damien Miller
2005-04-20fix signal race by removing STATE_QUIT completely.Moritz Jodeit
2005-04-10do not forget to call endpwent(). ok moritz@Otto Moerbeek
2005-04-10reduce the set of allowed actions in the privileged partMoritz Jodeit
2005-03-26simplify state engine, the old one was very confusing and wrong too.Otto Moerbeek
2005-03-25whitespaceMoritz Jodeit
2005-03-06add support for multiple DLTs using the -L and -y options.Reyk Floeter
2004-07-14no \n in errx(3)Henning Brauer
2004-06-09Take better care of people down under living in X and a half hourOtto Moerbeek
2004-05-15Naming consistency. From Alexander Guy. ok canacar@Otto Moerbeek
2004-04-23Silence getopt() in the priv process. ok canacar@ henning@Otto Moerbeek
2004-04-08In error message, use saved errno, not current errno.Anil Madhavapeddy
2004-04-03- dont send junk err in parent_open_dump() if filename is NULLAnil Madhavapeddy
2004-03-14Check return code of chdir() after chroot(); noted by Joris Vink, slight modOtto Moerbeek
2004-02-05Don't print two confusing error messages, print a single clear one.Otto Moerbeek
2004-02-04Better error message when bpf device open fails.Otto Moerbeek
2004-01-31general cleanup and better SIGCHLD handling from millert@Otto Moerbeek
2004-01-28privilege separated tcpdump, joint work with otto@Can Erkin Acar