freebsd-nq

d/freebsd-nq

Fork 0

Commit Graph

Author	SHA1	Message	Date
Robert Watson	b881b8be1d	Update most userspace consumers of capability.h to use capsicum.h instead. auditdistd is not updated as I will make the change upstream and then do a vendor import sometime in the next week or two. MFC after: 3 weeks	2014-03-16 11:04:44 +00:00
Jonathan Anderson	f8c6c2cf5a	Flesh out the cap_test regression test. Add more regression testing, some of which is expected to fail until we commit more kernel implementation. Approved by: re (kib), mentor (rwatson) Sponsored by: Google Inc	2011-08-04 14:20:13 +00:00
Jonathan Anderson	ceb42a13a1	Regression tests for Capsicum capability mode. Ensure that system calls that access global namespaces, e.g. open(2), are not permitted, and that whitelisted sysctls like kern.osreldate are. Approved by: rwatson Sponsored by: Google, Inc.	2011-05-04 12:44:46 +00:00

Author

SHA1

Message

Date

Robert Watson

b881b8be1d

Update most userspace consumers of capability.h to use capsicum.h instead.

auditdistd is not updated as I will make the change upstream and then do a
vendor import sometime in the next week or two.

MFC after:	3 weeks

2014-03-16 11:04:44 +00:00

Jonathan Anderson

f8c6c2cf5a

Flesh out the cap_test regression test.

Add more regression testing, some of which is expected to fail until we
commit more kernel implementation.

Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc

2011-08-04 14:20:13 +00:00

Jonathan Anderson

ceb42a13a1

Regression tests for Capsicum capability mode.

Ensure that system calls that access global namespaces, e.g. open(2), are not permitted, and that whitelisted sysctls like kern.osreldate are.

Approved by: rwatson
Sponsored by: Google, Inc.

2011-05-04 12:44:46 +00:00

3 Commits