summaryrefslogtreecommitdiffstats
path: root/bin/systrace (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Use S_IS* macros insted of masking with S_IF* flags. The latter mayotto2006-09-192-7/+7
| | | | | have multiple bits set, which leads to surprising results. Spotted by/partly from Paul Stoeber, more to come. ok ho@ miod@ hshoexer@
* Adapt revision 1.18 change for symlink(2):ray2006-08-141-2/+3
| | | | | | | | only resolve symlinks in the dirname of rename()'s arguments, but not in the filename ``looks sane to me'' sturm@, fixes espie@'s problem, ``Seems reasonable.'' provos@.
* sync with systrace 1.6d, keeping local changessturm2006-07-0216-153/+1119
| | | | tests and feedback by a few
* handcrafted depend and CLEANFILES no longer needed since this is nowotto2006-06-301-5/+1
| | | | done by bsd.*.mk
* add a translation for sendmsg()sturm2006-06-103-3/+62
| | | | from provos, with feedback from ray and pat
* be more clear about policy inheritancesturm2006-05-031-2/+4
| | | | help and ok jmc, provos
* some type cleanupsturm2006-05-026-17/+19
| | | | with feedback from kettenis
* ARGSUSED and a FALLTHROUGH to please lintsturm2006-04-265-5/+14
| | | | ok deraadt
* add translation for mknodsturm2006-04-031-1/+4
| | | | ok provos
* only resolve symlinks in the dirname of rename()'s arguments,sturm2006-03-251-2/+3
| | | | | | but not in the filename ok provos, no objections from tedu (who doesn't use systrace)
* fix problems found by Coverity via NetBSD:robert2006-03-183-8/+9
| | | | | | | | | | - systrace.c: Don't try to dereference pw when it's NULL. Coverity CID 900 - parse.y: free allocated space on failure Coverity CID 1661 - policy.c: Change a return to "goto out" so that fclose will be called. Coverity CID 1881 ok sturm@, ray@
* add a few new translations, partly from NetBSDsturm2006-03-123-3/+207
| | | | ok provos@, deraadt@
* convert permanent privilege revocation to use setresuid/setresgid;djm2006-03-061-9/+5
| | | | ok henning@
* add PTRACE and RTHREADS definessturm2006-01-011-1/+5
| | | | ok miod
* some snprintf() -> strlcpy to improve readibility (and speed?)sturm2005-05-032-8/+8
| | | | from rohee@, ok millert@ before 3.7
* -c option may take either integer or name, not just integer;jmc2005-04-231-6/+6
| | | | | diff from ray; ok sturm@
* wrap bind() to AF_UNIX with umask() to avoid racederaadt2005-03-101-1/+4
|
* #ifdef hpux only for m68k or hppa; this needs a revisit since this showsderaadt2004-07-091-1/+7
| | | | | something flawed in the way that the emulation system calls are being handled
* oops committed the old versionmickey2004-07-091-3/+3
|
* better includes for syscalls from kernelmickey2004-07-092-25/+25
|
* fix an issue when scripts are exec'd under systrace wheremarius2004-07-074-11/+32
| | | | | | | | | the argv[0] would be normalized, and hence break scripts that depend on how they were called. this fixes an issue in the ports builds. ok provos@ deraadt@; lots of testing during hackathon sturm@ naddy@
* if we have detached after an exec, bail out early, and avoid a double free.marius2004-06-241-3/+9
| | | | ok provos@, "works fine" sturm@
* a few fixes to systracemarius2004-06-233-13/+39
| | | | | | | | | | | | - add an exec message so that whenever a set-uid/gid process exec's a new image which we may control, the exec does not go by unnoticed. - take special care to check for P_SUGIDEXEC as well as P_SUGID, corresponding to the same changes that were made in the ptrace code a while ago ok niels@, sturm@; thanks to naddy for testing
* if a string considered a filename is too long, don't exit but just letsturm2004-03-301-4/+4
| | | | | | the syscall fail, it might not actually be a filename fixes pr 3140, ok provos@
* make documentation of cradle mode (-C) clearer, and give an example of whyjmc2004-02-011-4/+16
| | | | | | | it might be used; mostly based on sturm@'s explanation when i hassled him about it, and committed by niels@ to main systrace repository;
* The empty filename does not receive normalization.sturm2004-01-301-1/+8
| | | | | | System calls are supposed to fail on it. from provos@, ok markus@
* support for cradle mode by marius at monkey.org; cradle mode allows thesturm2004-01-236-38/+499
| | | | | | | systrace UI to be attached and re-attached, it also multiplexes across systrace process so that one UI can function as central notification from provos@, ok markus@
* new command line option allows logging to stderr instead of syslogsturm2004-01-072-9/+42
| | | | "looks good" provos@, ok markus@
* include path fixes for gcc3.espie2004-01-051-2/+2
| | | | tests otto@, okay millert@
* permit trailing '$' in usernames, from Tom Cosgrovesturm2003-11-271-2/+2
| | | | ok provos@, henning@
* allow underscore in usernames, from Niels/NetBSDsturm2003-11-231-2/+2
| | | | ok henning@
* remove -Werror from userland builds, to give us a chance toavsm2003-11-201-2/+2
| | | | | use more verbose warning options if desired. ok millert@, henning@, david@
* hyphenise compound adjective; from Jared Yanovich;jmc2003-11-201-2/+2
|
* from NetBSD:sturm2003-10-221-2/+2
| | | | | | initialise an integer field with 0 instead of NULL ok provos, itojun, avsm, fgsch
* typos from Jared Yanovich;jmc2003-10-182-5/+5
|
* originally from cb@openbsd.org, adapted by provossturm2003-10-086-36/+59
| | | | | | | | | | | | | itojun@ ok fix a race condition between path resolution in userland and the subsequent namei(): inform the kernel portion of valid filenames and then disallow symlink lookups for those filenames by means of a hook in namei(). with suggestions from provos@ also, add (currently unused) seqnr field to struct systrace_replace, from provos@
* - use .Bk/.Ekjmc2003-09-041-8/+15
| | | | | | - kill bogus -offsets - escape `-' - .Ev for environment variables
* teach systrace about "aout" emul; henning@ ok.fgsch2003-08-231-1/+2
|
* spelling; e@molioner.dkderaadt2003-08-201-2/+2
|
* several diffs from Niels as applied to NetBSDsturm2003-08-044-31/+50
| | | | | | | | | | | | | monkey.org/NetBSD commit messages: - get rid of retarded CWD handling. CWD is fixed to the CWD of the systrace that started everything. - normalize file name function - normalize CWD for cases where CWD has a symlink in it. should solve problems where CWD policies would not match. - avoid warning due to name collision. - fixed contrived race condition during attachment; from marius@monkey.org itojun@ ok
* - sync with NetBSD or Niels' tarball where appropriatesturm2003-07-1911-94/+178
| | | | | | | | | - keeps local changes - fixes a bug in profile feedback optimization and avoids symbol conflicts with errno - new feature: "ask" action itojun@ ok
* decruftmickey2003-06-241-2/+1
|
* remove unused code which allocated useless memory (which was not freed)pvalchev2003-06-191-22/+1
| | | | ok provos itojun
* - limited number of processes per systraceitojun2003-06-1611-28/+181
| | | | | - escape fixes for special characters markus, sturm ok. from provos
* prevents systrace from referencing freed memory; provositojun2003-06-021-2/+2
|
* >permit numberic values for uid and gid; allow "<" and ">" for less anditojun2003-05-295-16/+70
| | | | | >greate; requested by dugsong@, strum ok
* pull in a bugfix from systrace-current to let systrace deal with creatingsturm2003-05-172-8/+10
| | | | | | directories correctly OK itojun@, thanks to niels for the help
* fix for EOF in interactive policy generation.mpech2003-04-241-2/+3
| | | | millert@ provos@
* use asprintf; fix (remove) some incorrectly sized buffers in the processpvalchev2003-04-171-6/+3
| | | | help & ok millert, miod, deraadt, tedu
* room for NUL; tdevalderaadt2003-04-141-2/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.