| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
otherwise if omitted we need to unveil(2) both _PATH_UNIX and _PATH_KSYMS with
same permissions.
Unconditionally we need to also unveil(2) dbdir, which by default is
_PATH_VARDB but can be changed via args (-o directory), with read/write/create
permissions. There are a couple of temp files that will be created but it's
inside dbdir so there's no need to unveil(2) them individually.
Since we already call pledge(2) before, twice, we need to add "unveil" promise
to both of them, and finally call pledge(2) once again with the needed promises
except "unveil".
OK millert@
|
| |
|
|
| |
Adjust error message accordingly.
|
| |
|
|
| |
discussion with millert
|
| | |
|
| |
|
|
|
| |
by pledge(2). This requires pledge "id" but that can be dropped
immediately after the setegid() call. From Theo Buehler
|
| |
|
|
|
| |
Use a slightly larger pledge, earlier on.
from gregor best
|
| |
|
|
| |
use pledge and file locking. OK deraadt@
|
| |
|
|
|
| |
*chown, even "proc fattr" won't let you do such a job. remove early pledge(),
only leave call after fchown, before when symbol table work gets done.
|
| |
|
|
|
|
|
|
| |
"stdio rpath wpath cpath getpw fattr proc" early on; "proc fattr"
allows doing work with other uids on the file. after opening the
db, do the chown (replace with fchown since we know fd) and then
pledge "stdio rpath"; "rpath" due to tmpfile rename() at the end.
mistake spotted by mpi
|
| |
|
|
| |
except kvm_mkdb also does "getpw".
|
| |
|
|
|
|
|
|
|
| |
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
| | |
|
| |
|
|
|
|
| |
the errno of an intervening cleanup operation like close/unlink/etc.
Diff from Doug Hogan (doug (at) acyclic.org)
|
| |
|
|
|
|
|
| |
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
|
| | |
|
| |
|
|
| |
manpage nits jmc@ ok tedu@
|
| | |
|
| |
|
|
| |
rescinded 22 July 1999. Proofed by myself and Theo.
|
| | |
|
| | |
|
| |
|
|
| |
Give more precise error messages in case of failure
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
/bsd if it exists and we can open it.
o Fix a bug where kvm_mkdb would leave a temp file in /var/db if the
file argument didn't exit.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
o testdb() needs to take as an arg the name of the kernel so it can do
the version test correctly.
o add undocumented verbose flag to tell when we are rebuilding the .db file
o DO_* -> _NLIST_DO_*, this prevented kvm_mkdb from doing anything at all.
o preserve a few error messages so you get error output when none of
the exec types match the target.
o check malloc return values
o get_kerntext should not subtract the sizeof(struct exec) from kernel_text
|
| |
|
|
|
| |
Also, KNF, b* -> mem*, getopt tests against -1, not EOF, and index -> strchr.
Added OpenBSD tags.
|
| |
|
deraadt
mestre
tb
millert
tedu
guenther
djm
espie