Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ad7b01f7d0
NetBSD/lib/libc
History
elad ad7b01f7d0 More veriexec changes: 
- Better organize strict level. Now we have 4 levels:
  - Level 0, learning mode: Warnings only about anything that might've
      resulted in 'access denied' or similar in a higher strict level.

  - Level 1, IDS mode:
    - Deny access on fingerprint mismatch.
    - Deny modification of veriexec tables.

  - Level 2, IPS mode:
    - All implications of strict level 1.
    - Deny write access to monitored files.
    - Prevent removal of monitored files.
    - Enforce access type - 'direct', 'indirect', or 'file'.

  - Level 3, lockdown mode:
    - All implications of strict level 2.
    - Prevent creation of new files.
    - Deny access to non-monitored files.

- Update sysctl(3) man-page with above. (date bumped too :)

- Remove FINGERPRINT_INDIRECT from possible fp_status values; it's no
  longer needed.

- Simplify veriexec_removechk() in light of new strict level policies.

- Eliminate use of 'securelevel'; veriexec now behaves according to
  its strict level only.
2005-06-17 17:46:18 +00:00
..
arch Add missing __RCSID() 2005-06-12 05:21:25 +00:00
citrus * add some comments. 2005-05-14 17:55:42 +00:00
compat-43
db Ensure dbp is initialized to NULL before trying to use it in an error codepath. 2005-06-01 05:39:17 +00:00
dlfcn
gen More veriexec changes: 2005-06-17 17:46:18 +00:00
gmon The __used__ change doesn't work on 2.95/vax. Put an #ifdef back in for vax and 2005-05-06 19:32:30 +00:00
hash Add missing __RCSID() 2005-06-12 05:21:25 +00:00
iconv make sure to set errno to EINVAL if _citrus_iconv_open() returns ENOENT. 2005-04-25 13:42:04 +00:00
include add fgetwln. 2005-05-15 13:09:13 +00:00
inet Add missing __RCSID() 2005-06-12 05:21:25 +00:00
isc
locale Add missing __RCSID() 2005-06-12 05:21:25 +00:00
md Add missing __RCSID() 2005-06-12 05:34:34 +00:00
nameser Merge conflicts 2004-11-07 02:19:49 +00:00
net Move the test for "more strict reverse lookup handling" to the correct 2005-06-01 05:19:21 +00:00
nls Add missing __RCSID() 2005-06-12 05:21:25 +00:00
quad
regex
resolv Add missing __RCSID() 2005-06-12 05:21:25 +00:00
rpc use malloc rather than mem_alloc (which is implemented using calloc) 2005-06-09 22:13:17 +00:00
softfloat Only compile the floatx80-using functions if the arch in question 2004-09-27 10:16:24 +00:00
stdio Initialize expsize to appease -Wuninitialized for sh3 and m68000. 2005-06-15 09:31:27 +00:00
stdlib Add missing __RCSID() 2005-06-12 05:21:25 +00:00
string Add missing __RCSID() 2005-06-12 05:21:25 +00:00
sys - Correct the fields in the stat structure. From PR/18255. 2005-06-14 12:10:02 +00:00
termios Change a returned value of -1 (NO_PGID) to (uint)(pid_t)~0u >> 1 (0x7fffffff) 2004-12-01 21:37:15 +00:00
thread-stub Add missing __RCSID() 2005-06-12 05:21:25 +00:00
time Add missing __RCSID() 2005-06-12 05:21:25 +00:00
uuid A little libc namespace housekeeping exercise: 2005-02-09 21:35:46 +00:00
yp #include "reentrant.h" instead of <threadlib.h> 2004-10-29 06:32:08 +00:00
Makefile Use TOOL_GENASSYM. Part of PR toolchain/30350 2005-05-30 16:02:56 +00:00
shlib_version bump for wide stdio functions. 2005-05-14 23:51:16 +00:00