config(1) reads the first `files.${MACHINE}' when it encounters `machine'.
Then it includes common `files.${MACHINE_SUBARCH}', `files.${MACHINE_ARCH}',
and MI `sys/conf/files' at last. This change makes the first "file" in
`files.${MACHINE}' appear first in ${ALLFILES}.
o Disallow unknown options.
o Kill makeoptions.
because they're overly strict and i use these both regularly
to do stuff that isn't in the base src, and i'm quite sure
i am not the only one.
build subdirectory. This is not used now that everything is built at the
top of kernel build directory. It will become mandatory for source/object
files put out of kernel source tree to specify corresponding build subdirectory.
Only ``no dots'' relative path is accepted as "buildprefix".
of non-included options was already only a warning.
This also affects redefinition and removal of file-system and makeoption
entries.
Reviewed and OKd by uebayasi@
Define MAXUSERS in opt_param.h and include it from sys/param.h, for more
accurate dependency. Don't define -DMAXUSERS and add it to ${CPPFLAGS}.
config(5)'s "maxusers" syntax doesn't change.
(The version just before revert was OK, but I had something bad in my obj
dirs.)
config(1) does not need to be super-smart about path handling, because it is
usually used with make(1), that is much smarter.
Pre-compiled object files, specified using `object', are regarded as read-only
input, thus they should be put under $S (or $S/..), as part of a source tree.
message is retained, and you can't get rid of it. since it's dispalyed
in inverse, it feels like there's always an error happening (which is
really what the code has -- the above string is displayed via the error()
function.) for several types of key press that largely are just "redraw"
operation (space, ^L, etc.), clear the error string as well.
Substitution commands might contain a newline in the replacement pattern
(escaped with a backslash before it), causing patch's understanding of
the state the ed child process is in to diverge from reality. This can
lead to patch unwillingly feeding '!' (execute shell command) lines to
ed. Finding out how to do this is left as an exercise to the reader.
XXX: pullup-7
that require rcs command execution instead system(3) to avoid malicious
filenames in patches causing bad things to happen. In the process, lose SCCS
support. It is not like we are shipping sccs commands for that to work.
calendars to be other than regular files unless the -x option is in
effect.
(If not in -a mode, we're running purely as the user whose calendar it
is and if they want to DoS themselves with named pipes it's their own
lookout.)
from /etc/daily); do not exec other programs while the real uid is
still 0.
Also, clear the supplementary groups list up front and call initgroups
when becoming another user, to avoid leaking any extra group
privileges that we might have.
And finally, don't silently ignore errors changing uid and gid; those
are serious if they happen.
a couple of very important executives on board. He was coming into
the Berkeley airport through thick fog with less than 10 miles
visibility when his instruments went out.
He began circling around looking for a landmark. Finally, a small
opening in the fog appears and he sees a tall building with a guy
working alone on the fifth floor. He banks the plane around, rolls
down the window and shouts to the guy, "Hey where am I?"
The man replies, "You're in an airplane." The pilot rolls up the
window, executes a 275 degree turn and proceeds to perform a
perfect blind landing on the airport runway 5 miles away. Just as
the plane stops, so does the engine as the fuel has run out.
The passengers are amazed and one asks how he did it.
"Quite easy," replies the pilot, "I asked the guy in that building
a simple question. The answer he gave me was 100 percent correct
but absolutely useless, therefore, that must be NetBSD's
support office and from there the airport is just five miles due
East." (Credits:
http://www.techsupportforum.com/forums/f289/microsoft-joke-404432.html)
Seriously: give the reader of the manpage an idea on what this program
is for without forcing them to Google or read another manpage.
- space and tab are no shell metachars, remove them from generic
metachar function
- add space and tab as to-be-quoted characters for :Q modifier
- add = and : as characters that require command handling by the shell
src/usr.bin/netstat relies on code from src/sbin/route. WHen building
with -DSMALL, some functions such as mpls_ntoa() or p_rtrmx() are not
built in src/sbin/route. We therefore have to make sure they are not
used in src/usr.bin/netstat.
Don't use warn/err to print error messages about the input, as
prepending the program name to those both isn't helpful and confuses
programs that try to parse compile logs.
that the lhs is a variable reference, a number or a quoted string.
This helps avoid subtle bugs caused by typos.
When conditionals are being evaluated during variable expansion
we cannot be as strict becuase lhs will already have been expanded.
We therefor pass a boolean to Cond_EvalExpression to tell it how
lhs should be treated.
Add unit-tests/cond2.mk to test the above
Reviewed by: christos, joerg
Implement -x xferbufsize set the socket send and receive buffer size,
as per 'xferbuf' in interactive mode.
Patch from Nicholas Mills (via private mail), with minor adjustment by me.
When reading in the original file name from gzip header, we read
in PATH_MAX + 1 bytes from the file. In r281500, strrchr() is
used to strip possible path portion of the file name to mitigate
a possible attack. Unfortunately, strrchr() expects a buffer
that is NUL-terminated, and since we are processing potentially
untrusted data, we can not assert that be always true.
Solve this by reading in one less byte (now PATH_MAX) and
explicitly terminate the buffer after the read size with NUL.
reflected in make.1
Also fix handling to match the behavior described in the comment
of JobPrintCommand (only matters if shell sets hasErrCtl).
A better long term solution is needed since the current behavior
is sub-optimal wrt '-' and different from all other makes.
Reviewed by: christos
they are created on the fly. This makes it clear what the route is for
and allows an optimisation in ip_output() by avoiding a call to
in_broadcast() because most of the time we do talk to a host.
It also avoids a needless allocation for the storage of llinfo_arp and
thus vanishes from arp(8) - it showed as incomplete anyway so this
is a nice side effect.
Guard against this and routes marked with RTF_BLACKHOLE in
ip_fastforward().
While here, guard against routes marked with RTF_BLACKHOLE in
ip6_fastforward().
RTF_BROADCAST is IPv4 only, so don't bother checking that here.
One of motivation of this change is to make the behavior of test(1)
-nt/ot with preserved copy (like cp -p) closer to the NetBSD 6.
Of course whether full timestamps are kept or not depends also on
underlying file system.
The ifdef added in mv(1) since existing ifdefs was our local change
to compile it on solaris (though I couldn't test it):
http://mail-index.netbsd.org/tech-userlevel/2014/11/28/msg008831.html
the X sets, and include the DRM ioctls. Unfortunately the DRM ioctls for
different cards overlap, so until I write some code to merge them, only
enable one (currently the i915).
instead of it being always provided by the rump kernel base. This
move accomplishes two things:
1) it is no longer necessary to provide sysproxy hypercall stubs for
platforms which do not want to use sysproxy
2) it is easier to reason about the security aspects, since configurations
not linking the sysproxy component simply do not support remote
system calls
discussed on rumpkernel-users
races while allowing consistent lockless sampling of the per-cpu
statistics without atomic operations. Update comment describing
the locking protocol to include this.
These files were fumble-fingered out of the last commit.
0001. Do not recognize paths, mail folders, and pipes in mail addresses
by default. That avoids a direct command injection with syntactically
valid email addresses starting with |.
Such addresses can be specified both on the command line, the mail
headers (with -t) or in address lines copied over from previous
while replying.
This was assigned CVE-2014-7844 for some versions of BSD mailx. It is
documented behavior for Heirloom mailx, and was mentioned in an old
technical report about BSD mailx (which does not usually make its way
into operating system installations). The patch switches off this
processing and updates the documentation.
Added expandaddr option to explicitly enable this behavior.
0002. When invoking sendmail, prevent option processing for email
address arguments. This prevents changing e.g. the Postfix
configuration file in unexpected ways. This behavior was documented for
BSD mailx (sort of), but not for Heirloom mailx. We did not assign a
CVE to this because it is more of a missing feature, and code invoking
mailx needs adjustment in the caller as well.
Fixed.
0003. Make wordexp support mandatory. (No functional change.)
Fixed (replaced explicit shell pipe implementation).
0004. Prevent command execution in the expand function, which is IMHO
unexpected. (Not really required with patch 1, and there is still
information disclosure/DoS potential if this expansion occurs.) This is
a historic vulnerability already fixed in the Debian package,
retroactively assigned CVE-2004-2771:
Fixed (as part of the pipe replacement with wordexp).