possibility of security holes allowing root penetration.
Inspired by: Mark Handley <M.Handley@cs.ucl.ac.uk> and
Theo de Raadt <deraadt@theos.com> independently
Submitted by: Theo de Raadt <deraadt@theos.com>
have it check to see that it doesn't contain any '/' characters. This
prevents possible silliness like ypcat "../../../kernel". We already
test the domain name for this in yp_validdomain(), and ypserv itself
tests the map name in yp_open_db(), but it doesn't hurt to be paranoid
and test for it in the generic access routine too. rpc.ypxfrd does not
test the map name for slashes, but it does call yp_access() with the
map name, so this removes a potential vulnerability from there.
Also make the tests for IPPORT_RESERVED a little more selective: make
sure it trips when map == master.passwd.*, prog == YPPROC and proc ==
YPPROC_XFR, and prog == YPXFRD_FREEBSD_PROG and proc == YPXFRD_GETMAP.
Also use IPPORT_RESERVED instead of hard-coded value.
by sysctl and never can be in their documented form (kern.name_max would
have to become fs.filesystemname.name_max, etc.).
Added missing references to user.stream_max and user.tzname_max. These
seem to misnamed. <sys/sysconf.h> says that they correspond to POSIX2
names, but the sysconf names don't have POSIX2 or "posix2" like all the
other POSIX2 names.
and use /dev/console.
I really think the proper test is to determine which device has been configured
to be the console (remember the RB_SERIAL flag?) and use it instead of always
trying to open /dev/ttyv0 first.
and the user inserts a floppy), read the config file to pre-define variables
for a custom installation.
[Note: I fixed one bug in LOAD_CONFIG_FILE code, but it's still not perfect.]
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
ask for matching confirmation. I'm sure there is a clever direct-from-perl
ioctl way of putting the terminal into noecho mode, but I don't feel like
learning perl so I just used system. [yes, I'll put stty on the installation
boot floppy as necessary]
works from startup, and works with XFree86 via /dev/sysmouse, it should
be started at boot and left running.
Pointed out by: Sujal Patel <smpatel@umiacs.umd.edu>
I could find. This change does the following:
- s/usage()/break;/ in handling the -s switch.
- use err/warn instead of fprintf(stderr, ... strerror()); exit(1);
- implement Hitachi PUMA HitTablet support from the XFree86 code,
whatever the hell that is. :-)
- correctly implement baud rate setting, too much was cut from the
XFree86 code, the critical parts were a sweep over all likely
mouse powerup baud rates to switch it to the reqested rate.
- logitech support was busted (at least on mine, which is autosensing
and runs in either mmseries or logitech mode depending on the handshake
code at startup. Among other things, you talk to it at 1200, then
switch to the target baud later.
Some remaining problems.. samplerate setting is missing, but I've not
found where this is meant to be set yet. I presume this is resolution
setting of some kind.
the real buffer size. Note that the strncpy(domain, ...) doesn't need to
be a strncpy(), since it is copying from itself to itself, but belts
and suspenders don't hurt and this is not time-critical code.
Fixes the half of PR bin/1581 that wasn't fixed in rev 1.7
Submitted by: Karl <karl@codebase.mcs.net>
