Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
148,942 Commits 606 Branches 0 Tags 3.1 GiB
bb74ea2d6b
Commit Graph

21 Commits

Author SHA1 Message Date
peter
c8593a1a3c Wrap long lines. 2006-03-18 00:35:02 +00:00
peter
c75c0a8549 Change a return to "goto out" so that fclose will be called. 
Fixes Coverity CID 1881.
 2006-03-18 00:12:02 +00:00
elad
9d164b22bc Add comments. 2005-08-10 21:33:36 +00:00
elad
e4088913b5 Separate constructing the path to the policy away from systrace_addpolicy() and 
into systrace_getpolicyfilename().
 2005-08-10 18:19:21 +00:00
christos
250ff65369 Const poisoning. 2005-06-24 23:21:09 +00:00
dsl
238960af7e Add (unsigned char) cast to ctype function 2004-10-29 19:51:36 +00:00
provos
4cd77cec75 get rid of unnecessary groupnames array 2003-08-01 05:42:48 +00:00
provos
2268d69749 support for a new kernel message that informs userland that an in-kernel 
policy has been freed.  this allows us to enforce the kernel policy size
limit for users while users are still able to execute an arbitary number
of applications;  the protocol change is backwards compatible.
 2003-06-03 04:33:44 +00:00
provos
70f2418ba2 do not free memory that still may be referenced later 2003-06-01 00:12:34 +00:00
itojun
a18a285e73 need 11 chars for %u. Peter Valchev 2003-04-16 08:07:51 +00:00
atatat
55a73f6d52 mdkdir -> mkdir 2003-03-26 17:00:57 +00:00
provos
e9f87b6c2c better parsing of # comments 2002-12-04 03:19:05 +00:00
provos
da50ee4397 prevent attempt to use in-kernel fastpath for aliased system calls. 2002-11-25 06:25:09 +00:00
provos
89afc325c0 predicates are part of the grammar now; in non-root case, predicates are 
evaluated only once; in root case, predicates and variable expansion are
dynamic.
 2002-10-08 14:49:23 +00:00
itojun
d584f0a0fc support for templates. they allow fast generation of new policies. an 
appropriate template can be inserted during initial policy generation.
from provos
 2002-09-23 04:35:41 +00:00
itojun
ca5a36677b split white space and single line policy processing into separate 
functions.  from provos
 2002-09-17 05:07:21 +00:00
itojun
c1261b4aff periodically save policies that have been modified. from provos 
>here is a diff that will cause systrace to periodically save policies
>that have been modified.  Useful if you run systrace on an xterm and
>kill it accidently.  Or other applications like opera that are long
>running and can cause weird crashes.
 2002-09-16 04:31:46 +00:00
itojun
c81b949059 allow # in system call name. remove trailing white space. 
from provos
 2002-08-30 17:09:31 +00:00
itojun
b6aefbe19f sync with latest systrace in openbsd tree. improved systrace with chroot. 2002-08-28 03:52:44 +00:00
itojun
4f0c9c76b6 sync up with latest openbsd systrace. 
- avoid race conditions by having seqno in ioctl
- better uid/gid tracking
- "replace" policy to replace args
- less diffs, as many of local changes were fed back to openbsd already

due to the 1st item, it was impossible for us to provide backward-compatibility
(new kernel + old bin/systrace won't work).  upgrade both.
 2002-07-30 16:29:28 +00:00
christos
5039a9e5ee Add userland portion of systrace. 2002-06-17 16:29:07 +00:00