25 Commits

Author SHA1 Message Date
Mariusz Zaborski
377421df96 capsicum: use new capsicum helpers in tools
Use caph_{rights,ioctls,fcntls}_limit to simplify the code.
2018-11-04 19:24:49 +00:00
Mariusz Zaborski
7672a0148f Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0.
No functional change intended.
2018-06-19 23:43:14 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
open source licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
supersede or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Baptiste Daroussin
861152d234 Do not die on system built without CAPSICUM 2017-03-15 15:57:11 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber clause 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistence on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Baptiste Daroussin
0064a5b36d Better fix for r314098
The actual issue was the fact that if - was used then some restrictions were
already set to stdin when we were applying caph_limit_stdio which was failing
due to the fact the fd was already restricted to lower rights.

Restricting stdio before actually opening the files prevents trying to raise the
right and fixes the issue.

And this allows to keep failing the program if restriction failed

Approved by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D9723
2017-02-22 16:37:45 +00:00
Allan Jude
e872af3a64 lam(1): Failing to restrict stdin/stdout/stderr should not be fatal
When fed from a pipe, lam(1) would sometimes fail:
lam: unable to limit stdio: Capabilities insufficient

fixed regression in portsnap(8) introduced in r313938

This broke portsnap(8), the app that the capsicumization of lam(1) was
meant to secure.

# portsnap fetch update
Looking up portsnap.FreeBSD.org mirrors... 6 mirrors found.
Fetching snapshot tag from ec2-eu-west-1.portsnap.freebsd.org... done.
Fetching snapshot metadata... done.
Updating from Tue Feb 21 16:05:39 MSK 2017 to Tue Feb 21 16:59:30 MSK 2017.
Fetching 5 metadata patches.lam: unable to limit stdio: Capabilities insufficient
 done.
Applying metadata patches... done.
Fetching 5 metadata files... lam: unable to limit stdio: Capabilities insufficient
/usr/sbin/portsnap: cannot open 8c94d2c3f8fcea20eb1fd82021566c99c63a010e6b3702ee11e7a491795bcfb8.gz: No such file or directory
metadata is corrupt.

Reported by:	Vladimir Zakharov <zakharov.vv@gmail.com>, Ben Woods <woodsb02@gmail.com>
2017-02-22 15:30:57 +00:00
Allan Jude
ba0320553c Capsicum-ize lam(1)
lam(1) is used in portsnap(8), so lock it down

Reviewed by:	emaste, cem, jonathan
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D8076
2017-02-19 06:02:41 +00:00
Ed Schouten
86350df6fe Mark global functions and/or variables in lam(1) static where possible.
This allows compilers and static analyzers to do more thorough analysis.
2011-11-06 18:49:41 +00:00
Joel Dahl
da52b4caaf Remove the advertising clause from UCB copyrighted files in usr.bin. This
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change

Also add $FreeBSD$ to a few files to keep svn happy.

Discussed with:	imp, rwatson
2010-12-11 08:32:16 +00:00
Ed Schouten
ef636796f6 ANSIfy various tools in usr.bin/.
Most of these tools properly build at WARNS=6, except for their K&R
function declarations. Fix this, so we can bump WARNS as well.
2010-01-02 10:09:20 +00:00
Juli Mallett
dfaacec6ff Call usage() instead of being insolent. 2005-08-05 01:04:36 +00:00
Tim J. Robbins
be1e385e24 Avoid passing negative values to tolower() on machines with signed chars. 2004-07-19 12:57:24 +00:00
Juli Mallett
f201bc9c84 Back out my minorly disputed and possibly not well thought out changes to how
arguments are processed, at least temporarily.
2002-07-01 18:03:30 +00:00
David E. O'Brien
e026a48c34 Consistently use FBSDID 2002-06-30 05:25:07 +00:00
Juli Mallett
21e21aad32 Increment morefiles, balance braces. This should really be using getopt(3). 2002-06-27 21:11:19 +00:00
Juli Mallett
f63eec78e4 Instead of not using argc and doing other great evil, check for no arguments
in main() and print usage, or if there are too many arguments, handle that
there, too.
2002-06-27 21:01:32 +00:00
Mike Barcroft
b5b9b43078 Constify, staticize, and set WARNS=2.
MFC after:	3 days
2001-08-06 23:20:06 +00:00
Mike Heffner
8ecfa0142f Fix style(9) bugs from previous commit: remove space after function
names and revert to char *[].

bde by:	bde, imp
2001-02-08 20:15:59 +00:00
Mike Heffner
7a536c3b41 De-__P()-ify, convert K&R style declarations to ANSI ones 2001-02-08 05:58:55 +00:00
Mike Heffner
aeacf525ad Prevent string overflows by using safer string functions
Use tolower() rather than bit or-ing
Sanity check user specified printf() format
Exit when too many input files are given
Remove register from variables

Reviewed by:	markm, imp
2001-02-08 05:33:19 +00:00
Kris Kennaway
0c4d24a78f Don't call err() with no format string. 2000-07-10 09:14:15 +00:00
Peter Wemm
c3aac50f28 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
Philippe Charnier
df8996586c Use err(3) instead of local redefinition. Add usage() as a separate
function. Rewrote man page in mdoc format.
1997-07-18 06:43:15 +00:00
Rodney W. Grimes
9b50d90275 BSD 4.4 Lite Usr.bin Sources 1994-05-27 12:33:43 +00:00