Commit Graph

10 Commits

Author SHA1 Message Date
provos
2268d69749 support for a new kernel message that informs userland that an in-kernel
policy has been freed.  this allows us to enforce the kernel policy size
limit for users while users are still able to execute an arbitary number
of applications;  the protocol change is backwards compatible.
2003-06-03 04:33:44 +00:00
provos
7685de2195 use LOGIN_NAME_MAX instead of MAXLOGNAME; closes pr/21048 2003-04-09 17:50:08 +00:00
provos
da50ee4397 prevent attempt to use in-kernel fastpath for aliased system calls. 2002-11-25 06:25:09 +00:00
provos
c27faa29c9 performance improvement by omitting a redundant getcwd. 2002-11-02 19:57:02 +00:00
provos
61e8c76047 support for privilege elevation.
with privilege elevation no suid or sgid binaries are necessary any
longer.  Applications can be executed completely unprivileged. Systrace
raises the privileges for a single system call depending on the
configured policy.

Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.
Approved by christos and thorpej.
2002-10-11 21:54:55 +00:00
provos
89afc325c0 predicates are part of the grammar now; in non-root case, predicates are
evaluated only once; in root case, predicates and variable expansion are
dynamic.
2002-10-08 14:49:23 +00:00
itojun
b6aefbe19f sync with latest systrace in openbsd tree. improved systrace with chroot. 2002-08-28 03:52:44 +00:00
itojun
4f0c9c76b6 sync up with latest openbsd systrace.
- avoid race conditions by having seqno in ioctl
- better uid/gid tracking
- "replace" policy to replace args
- less diffs, as many of local changes were fed back to openbsd already

due to the 1st item, it was impossible for us to provide backward-compatibility
(new kernel + old bin/systrace won't work).  upgrade both.
2002-07-30 16:29:28 +00:00
thorpej
873bb550a0 Some const poisoning. 2002-06-18 02:49:08 +00:00
christos
5039a9e5ee Add userland portion of systrace. 2002-06-17 16:29:07 +00:00