Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
159,667 Commits 606 Branches 0 Tags 3.1 GiB
ac96097e58
Commit Graph

157 Commits

Author SHA1 Message Date
jdolecek
0e3af04f6a use native syscallnames[] array for 'aout' and 'aoutm68k' "emulations" - it's 
only used for syscall name <-> number translations, and the native array
is guaranteed to be superset of the former 'aout' and 'aoutm68k' arrays

this re-adds 'aoutm68k' support, and replaces change made in 1.14

g/c #include's which are no longer needed (including aout_syscalls.c), and
also add some comments for the emulations[] array
 2004-09-12 11:05:43 +00:00
jdolecek
c2ce3ec2d5 constify 2004-09-12 09:25:59 +00:00
he
72ed8803cf Remove references to aoutm68k_syscalls.c, following that file's removal. 2004-09-10 18:30:20 +00:00
provos
3afd9aba5f the special filename "" does not receive translation and is going to fail. 
previously, systrace would normalize it to $CWD/.; found by Nikolay Sturm
from OpenBSD.
 2004-01-24 03:44:46 +00:00
kleink
e71a15405c Avoid using structure initializers with struct timeval. 2004-01-21 22:50:56 +00:00
provos
80b9ef16f9 off-by-one; found by Nikolay Sturm from OpenBSD 2004-01-17 18:54:32 +00:00
jmmv
b635f565e7 Homogenize usage messages: make the 'usage' word all lowercase, as this seems 
to be the most common practice in our tree.
 2004-01-05 23:23:32 +00:00
wiz
6fc98bf82d Add -C to usage. 2003-11-28 23:32:25 +00:00
wiz
7978aff203 Bump date for previous (hi niels!). 
Sort options.
 2003-11-28 23:32:02 +00:00
provos
61d0495091 support for cradle mode by marius at monkey.org; cradle mode allows the 
systrace UI to be attached and re-attached, it also multiplexes across
systrace process so that one UI can function as central notification
 2003-11-28 21:53:32 +00:00
provos
2244ab26a9 allow underscores in usernames 2003-11-18 05:28:05 +00:00
fvdl
84f47d78af Don't initialize an integer field with NULL. 2003-10-21 02:11:21 +00:00
wiz
a3390acd07 Punctuation improvement from jmc@openbsd. 2003-09-07 15:58:58 +00:00
wiz
6c3a1a5dfb Some small tweaks from jmc@openbsd: 
- .Bk/.Ek for SYNOPSIS
 - .Ev for environment variables
 - fix bogus -offsets
 2003-09-06 16:39:34 +00:00
cb
5f734a1850 fix a race condition between path resolution in userland 
and the subsequent namei(): inform the kernel portion of
valid filenames and then disallow symlink lookups for
those filenames by means of a hook in namei().
with suggestions from provos@

also, add (currently unused) seqnr field to struct
systrace_replace, from provos@
 2003-08-25 09:12:42 +00:00
itojun
e0e82d2080 typo 2003-08-20 01:28:44 +00:00
provos
ab6fc8a1fd fixed contrived race condition during attachment; from marius@monkey.org 2003-08-02 14:45:08 +00:00
provos
037feaaf20 avoid warning due to name collision. 2003-08-02 14:34:35 +00:00
provos
2e1af85ab0 normalize CWD for cases where CWD has a symlink in it. should solve 
problems where CWD policies would not match.
 2003-08-02 14:31:10 +00:00
provos
08ab84f25d introduce normalize filename function. 2003-08-02 14:29:33 +00:00
provos
43914d5f2f change CWD handling. CWD is fixed to the CWD of the systrace process. 2003-08-02 14:24:30 +00:00
lukem
8ecf6c5100 revert previous; lossage was caused by local makefile changes 2003-08-01 11:09:38 +00:00
lukem
913e4f842e add explit dependency for lex.c on parse.h 2003-08-01 10:49:26 +00:00
provos
5edbacc575 escape \n and \r, too 2003-08-01 06:15:02 +00:00
provos
4cd77cec75 get rid of unnecessary groupnames array 2003-08-01 05:42:48 +00:00
provos
2268d69749 support for a new kernel message that informs userland that an in-kernel 
policy has been freed.  this allows us to enforce the kernel policy size
limit for users while users are still able to execute an arbitary number
of applications;  the protocol change is backwards compatible.
 2003-06-03 04:33:44 +00:00
provos
c57cb7fe98 escape " and \ to \" and \\; with the help of marius@monkey.org; 2003-06-03 01:20:06 +00:00
provos
70f2418ba2 do not free memory that still may be referenced later 2003-06-01 00:12:34 +00:00
wiz
8361a7103e Sync usage with man page. 2003-05-21 06:26:07 +00:00
wiz
9d0fdf5d2a Replace < and > with \*[Lt] and \*[Gt] resp. for HTML output. 
Sort options. Bump date for last.
 2003-05-21 06:23:29 +00:00
provos
bd80d3ced7 permit numberic values for uid and gid; allow "<" and ">" for less and 
greater; requested by dugsong
 2003-05-20 22:45:13 +00:00
provos
4a6e1b3b24 fix EOF on input bug; from mpech@prosoft 2003-04-23 17:44:59 +00:00
wiz
8dda1d8092 Use Dq and Sq. Drop a trailing space. 2003-04-16 10:17:26 +00:00
itojun
a18a285e73 need 11 chars for %u. Peter Valchev 2003-04-16 08:07:51 +00:00
provos
7685de2195 use LOGIN_NAME_MAX instead of MAXLOGNAME; closes pr/21048 2003-04-09 17:50:08 +00:00
atatat
55a73f6d52 mdkdir -> mkdir 2003-03-26 17:00:57 +00:00
provos
e3cb39834b mention "parse error" on stdout for interactive policy generation 2003-03-26 03:40:02 +00:00
provos
a2468a8d04 new "ask" action. creates a new rule that prompts the user for an 
action but allows only yes or no answer.  inspired from talking
with dugsong@monkey
 2003-03-25 23:17:29 +00:00
provos
5173f83708 recognize process group pid 2003-03-25 23:15:22 +00:00
provos
488a952788 better -c parsing; from camiel@sentia 2003-03-25 23:04:48 +00:00
provos
66570390e4 More details and a few improvement for style. from ian@darwinsys 2003-03-25 23:00:05 +00:00
provos
2b37f26aed mkdir requires unlinkname as a translator; unlinkname does not return 
<non-existent filename> errors any longer.
 2003-03-25 22:58:24 +00:00
provos
f605994ea3 rename was using an incorrect translation. 2003-03-25 22:54:59 +00:00
provos
887e433ee2 bug in profile feedback optimization; found by dirt@monkey 2003-03-25 22:48:42 +00:00
provos
4ff1bfdbd5 allow logging for untranslated syscalls; from anil@recoil.org 2002-12-15 19:05:31 +00:00
scw
f7aebc0017 Cast from register_t to void * via intptr_t. 2002-12-06 09:49:36 +00:00
thorpej
5759456a18 Avoid confict with reserved identifier "log". 2002-12-06 01:43:18 +00:00
provos
fec70f4a84 typos; fgsch@olimpo.com.br 2002-12-05 19:33:39 +00:00
provos
e9f87b6c2c better parsing of # comments 2002-12-04 03:19:05 +00:00
provos
da50ee4397 prevent attempt to use in-kernel fastpath for aliased system calls. 2002-11-25 06:25:09 +00:00
provos
048da773ed error messages need to go to stderr 2002-11-23 17:42:45 +00:00
provos
49d6b23841 check for trans_size is not needed. 2002-11-15 21:36:25 +00:00
provos
695ad5ee17 add support for regular expressions to be more flexible with policy string 
matching.
 2002-11-02 20:04:20 +00:00
provos
c27faa29c9 performance improvement by omitting a redundant getcwd. 2002-11-02 19:57:02 +00:00
provos
98c03e54fd register pidname and signame translation for kill(2) 2002-11-02 19:49:21 +00:00
provos
c989923700 rename exported variables to avoid name space polution. 2002-11-02 19:43:27 +00:00
provos
e93fe1e2ba NULL to 0; from navin@gdit.iiit.net 2002-11-02 16:27:46 +00:00
itojun
8b5e86873c typo, reported by avsm@openbsd 2002-10-31 23:01:27 +00:00
provos
5f7d4eab6c fix bug in determining execve name 2002-10-30 17:39:34 +00:00
provos
e9ac78c504 allow empty string 2002-10-29 15:44:38 +00:00
provos
4df7def23e missing break; from grange@rt.mipt.ru 2002-10-28 16:50:05 +00:00
jdolecek
196f994fd8 use .Nx 2.0 consistently in HISTORY section 
add .\" NEXTRELEASE tag before the .Nx to make it possible to quickly
  find version references in case this would need to be changed
 2002-10-23 09:44:35 +00:00
provos
04a469212b cleanup 2002-10-17 04:45:04 +00:00
itojun
553d79070e \n before new sentence. 2002-10-16 14:58:33 +00:00
itojun
e8745f23b6 sync better w/ openbsd tree (cosmetic) 2002-10-16 14:56:11 +00:00
provos
690d7c3ad0 fix type; its "as :group" 2002-10-11 23:31:00 +00:00
provos
61e8c76047 support for privilege elevation. 
with privilege elevation no suid or sgid binaries are necessary any
longer.  Applications can be executed completely unprivileged. Systrace
raises the privileges for a single system call depending on the
configured policy.

Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.
Approved by christos and thorpej.
 2002-10-11 21:54:55 +00:00
provos
931062ce16 translation for socket system call 2002-10-11 04:40:11 +00:00
provos
1b3623c27a correctly evaluate group predicates 2002-10-10 14:06:30 +00:00
provos
306becc9b9 add A to usage; noted by nickus@mpi-cbg.de 2002-10-08 14:50:57 +00:00
provos
89afc325c0 predicates are part of the grammar now; in non-root case, predicates are 
evaluated only once; in root case, predicates and variable expansion are
dynamic.
 2002-10-08 14:49:23 +00:00
itojun
ed21532463 "output" is a pointer of size "outlen", so use outlen instead of 
sizeof(output)

From: "Vincent Labrecque" <vincent@psyfreaks.ca>
 2002-10-08 02:47:59 +00:00
provos
4b7278c7f2 use FNM_LEADING_DIR 2002-10-06 03:16:25 +00:00
provos
9008ac33c8 assume that inserting a template implies permit for the current syscall 2002-10-06 01:28:55 +00:00
provos
a79af4d624 fix return value; from marius@umich.edu 2002-09-28 17:56:54 +00:00
wiz
14dfaa4b03 New policy: New sentences start on a new line. 
Patches by Robert Elz <kre at munnari oz au>, with minimal changes by me.
 2002-09-25 15:18:36 +00:00
itojun
d584f0a0fc support for templates. they allow fast generation of new policies. an 
appropriate template can be inserted during initial policy generation.
from provos
 2002-09-23 04:35:41 +00:00
itojun
ca5a36677b split white space and single line policy processing into separate 
functions.  from provos
 2002-09-17 05:07:21 +00:00
itojun
0b2d2fe3d7 daemon should not change the directory. from provos 2002-09-17 04:54:36 +00:00
itojun
c1261b4aff periodically save policies that have been modified. from provos 
>here is a diff that will cause systrace to periodically save policies
>that have been modified.  Useful if you run systrace on an xterm and
>kill it accidently.  Or other applications like opera that are long
>running and can cause weird crashes.
 2002-09-16 04:31:46 +00:00
itojun
c81b949059 allow # in system call name. remove trailing white space. 
from provos
 2002-08-30 17:09:31 +00:00
itojun
b6aefbe19f sync with latest systrace in openbsd tree. improved systrace with chroot. 2002-08-28 03:52:44 +00:00
lukem
146a774973 Use ${NETBSDSRCDIR}/some/path instead of ${.CURDIR}/../../some/path (etc). 2002-08-19 09:56:00 +00:00
soren
236006d5dc Remove extraneous \n's in {err,warn}{,x} that used to be printfs. 2002-08-08 13:24:12 +00:00
itojun
95c7243aec more effort to make it compile on platforms w/o linux emul 2002-08-02 14:29:34 +00:00
itojun
71a4240254 aenable linux systrace only on platforms that support it. 
noted by hannken@eis.cs.tu-bs.de
 2002-08-01 08:47:03 +00:00
itojun
2b8709b902 backout previous. mandoc(4) lies. 2002-07-31 00:28:02 +00:00
itojun
822deb809a .Bd -offset does not take numeric arg, but string. 2002-07-31 00:26:56 +00:00
jdolecek
bdd538626a re-apply part of rev. 1.4 - Explain why you would use this. 
contrary to rev. 1.4, keep 'The options are as follows' sentence, since
this seems to be used more on system manpages
 2002-07-30 21:58:25 +00:00
jdolecek
e9b2b4b074 re-apply changes in rev. 1.3 - Slight changes to the English. 2002-07-30 21:43:26 +00:00
wiz
93aef72209 Sort sections, Sh -> Ss in one place. 2002-07-30 17:06:58 +00:00
itojun
4f0c9c76b6 sync up with latest openbsd systrace. 
- avoid race conditions by having seqno in ioctl
- better uid/gid tracking
- "replace" policy to replace args
- less diffs, as many of local changes were fed back to openbsd already

due to the 1st item, it was impossible for us to provide backward-compatibility
(new kernel + old bin/systrace won't work).  upgrade both.
 2002-07-30 16:29:28 +00:00
soren
8f6326d364 A local copy of <sys/tree.h> is unnecessary. 2002-07-30 06:09:56 +00:00
atatat
11bb544ec0 Mostly just a rewrite of intercept_run() so the arrangement of "child" 
process and "parent" process is more conducive to policy generation.
Previously, tracing of a given program worked something like this:

	fork()
	if (child)
		execprogram()
	else
		dotracing()

That means that if you "systrace -a named", named would fork and
background itself, but you would never get your prompt back because
systrace didn't exit.  Now it works like this:

	fork()
	if (interactive)
		if (child)
			execprogram()
		else
			dotracing()
	else
		if (parent)
			execprogram()
		else
			fork()
			if (parent)
				exit(0)
			setsid()
			dotracing()

This makes it *much* easier to do automated policy generation for
tasks run from rc.d.  Or, for that matter, makes it much easier to use
systrace with tasks run from rc.d.
 2002-07-03 22:54:38 +00:00
wiz
716daf6160 Sort sections. 2002-06-26 15:29:43 +00:00
gmcgarry
28272e6493 Explain why you would use this. Reword a little and add some history. 2002-06-26 06:50:14 +00:00
agc
1e4714b470 Slight changes to the English. 2002-06-20 10:07:42 +00:00
thorpej
2265b1ff78 Fix warnings on Alpha: Cast to intptr_t to extract ints stored in void *'s, 
and pull in proper prototypes.
 2002-06-18 21:22:45 +00:00
thorpej
44e317ae3d Do the previous slightly differently. 2002-06-18 21:21:17 +00:00
thorpej
2623bb99b9 Add an extra cast to size_t when extracting an int stored in a void *. 
(XXX Gross.)
 2002-06-18 21:19:59 +00:00