artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a90e20d) | patch
pledge()'s 2nd argument becomes char *execpromises, which becomes the
authorderaadt <deraadt@openbsd.org>
Tue, 12 Dec 2017 01:12:34 +0000 (01:12 +0000)
committerderaadt <deraadt@openbsd.org>
Tue, 12 Dec 2017 01:12:34 +0000 (01:12 +0000)
commit4ea7ed56bd1c71560696216439fcb657286d6443
tree93394e9dd8437592a1edb3f27aa5cee002116242tree | snapshot
parenta90e20dc4e9fb10689eb6c88d509b3952d06ac78commit | diff
pledge()'s 2nd argument becomes char *execpromises, which becomes the
pledge for a new execve image immediately upon start.  Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
include/unistd.h diff | blob | history
lib/libc/sys/execve.2 diff | blob | history
lib/libc/sys/pledge.2 diff | blob | history
sys/kern/kern_exec.c diff | blob | history
sys/kern/kern_fork.c diff | blob | history
sys/kern/kern_pledge.c diff | blob | history
sys/kern/syscalls.master diff | blob | history
sys/sys/pledge.h diff | blob | history
sys/sys/proc.h diff | blob | history
usr.bin/kdump/ktrstruct.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim