Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
144,857 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

33 Commits

Author SHA1 Message Date
elad e6a2d9e984 Simplify man-page a bit. 
Patch from Patrick Welche.
 2005-09-03 11:44:45 +00:00
elad 3752840791 Add a new keyword, ``topdir'', that grants access only if the file is 
in a hierarchy below the specified path.
 2005-08-24 19:09:03 +00:00
elad 4e11de6548 Further correct handling of `inpath'. 
The path in the policy is not normalized, and shouldn't be. We accept
only an absolute path, possibly with one trailing slash. Make note of
that in the manpage.
 2005-07-04 16:32:30 +00:00
wiz 50175a3a4d From jmc@openbsd: 
-c option take names as well as numerical ids. checked w/ sturm@
diff from ray.
 2005-04-23 10:56:54 +00:00
wiz 7978aff203 Bump date for previous (hi niels!). 
Sort options.
 2003-11-28 23:32:02 +00:00
provos 61d0495091 support for cradle mode by marius at monkey.org; cradle mode allows the 
systrace UI to be attached and re-attached, it also multiplexes across
systrace process so that one UI can function as central notification
 2003-11-28 21:53:32 +00:00
wiz a3390acd07 Punctuation improvement from jmc@openbsd. 2003-09-07 15:58:58 +00:00
wiz 6c3a1a5dfb Some small tweaks from jmc@openbsd: 
- .Bk/.Ek for SYNOPSIS
 - .Ev for environment variables
 - fix bogus -offsets
 2003-09-06 16:39:34 +00:00
itojun e0e82d2080 typo 2003-08-20 01:28:44 +00:00
wiz 9d0fdf5d2a Replace < and > with \*[Lt] and \*[Gt] resp. for HTML output. 
Sort options. Bump date for last.
 2003-05-21 06:23:29 +00:00
provos bd80d3ced7 permit numberic values for uid and gid; allow "<" and ">" for less and 
greater; requested by dugsong
 2003-05-20 22:45:13 +00:00
wiz 8dda1d8092 Use Dq and Sq. Drop a trailing space. 2003-04-16 10:17:26 +00:00
provos a2468a8d04 new "ask" action. creates a new rule that prompts the user for an 
action but allows only yes or no answer.  inspired from talking
with dugsong@monkey
 2003-03-25 23:17:29 +00:00
provos 66570390e4 More details and a few improvement for style. from ian@darwinsys 2003-03-25 23:00:05 +00:00
provos 695ad5ee17 add support for regular expressions to be more flexible with policy string 
matching.
 2002-11-02 20:04:20 +00:00
itojun 8b5e86873c typo, reported by avsm@openbsd 2002-10-31 23:01:27 +00:00
jdolecek 196f994fd8 use .Nx 2.0 consistently in HISTORY section 
add .\" NEXTRELEASE tag before the .Nx to make it possible to quickly
  find version references in case this would need to be changed
 2002-10-23 09:44:35 +00:00
itojun 553d79070e \n before new sentence. 2002-10-16 14:58:33 +00:00
provos 690d7c3ad0 fix type; its "as :group" 2002-10-11 23:31:00 +00:00
provos 61e8c76047 support for privilege elevation. 
with privilege elevation no suid or sgid binaries are necessary any
longer.  Applications can be executed completely unprivileged. Systrace
raises the privileges for a single system call depending on the
configured policy.

Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.
Approved by christos and thorpej.
 2002-10-11 21:54:55 +00:00
wiz 14dfaa4b03 New policy: New sentences start on a new line. 
Patches by Robert Elz <kre at munnari oz au>, with minimal changes by me.
 2002-09-25 15:18:36 +00:00
itojun b6aefbe19f sync with latest systrace in openbsd tree. improved systrace with chroot. 2002-08-28 03:52:44 +00:00
itojun 2b8709b902 backout previous. mandoc(4) lies. 2002-07-31 00:28:02 +00:00
itojun 822deb809a .Bd -offset does not take numeric arg, but string. 2002-07-31 00:26:56 +00:00
jdolecek bdd538626a re-apply part of rev. 1.4 - Explain why you would use this. 
contrary to rev. 1.4, keep 'The options are as follows' sentence, since
this seems to be used more on system manpages
 2002-07-30 21:58:25 +00:00
jdolecek e9b2b4b074 re-apply changes in rev. 1.3 - Slight changes to the English. 2002-07-30 21:43:26 +00:00
wiz 93aef72209 Sort sections, Sh -> Ss in one place. 2002-07-30 17:06:58 +00:00
itojun 4f0c9c76b6 sync up with latest openbsd systrace. 
- avoid race conditions by having seqno in ioctl
- better uid/gid tracking
- "replace" policy to replace args
- less diffs, as many of local changes were fed back to openbsd already

due to the 1st item, it was impossible for us to provide backward-compatibility
(new kernel + old bin/systrace won't work).  upgrade both.
 2002-07-30 16:29:28 +00:00
wiz 716daf6160 Sort sections. 2002-06-26 15:29:43 +00:00
gmcgarry 28272e6493 Explain why you would use this. Reword a little and add some history. 2002-06-26 06:50:14 +00:00
agc 1e4714b470 Slight changes to the English. 2002-06-20 10:07:42 +00:00
wiz b70e67425c No .Pp before .Sh, drop trailing space, sort sections. 2002-06-17 17:06:08 +00:00
christos 5039a9e5ee Add userland portion of systrace. 2002-06-17 16:29:07 +00:00