This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.
Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]
Mark known build failures as NO_PIE for now.
The only known runtime failure was rtld.
[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by: Shawn Webb <lattera@gmail.com>
Discussed between: des@ and Shawn Webb [2]
current version of FreeBSD, this isn't guarenteed by the API. Custom
security modules, or future implementations of the setuid and setgid
may fail.
PR: bin/172289
PR: bin/172290
PR: bin/172291
Submittud by: Erik Cederstrand <erik@cederstrand.dk>
Discussed by: freebsd-security
Approved by: cperciva
MFC after: 1 week
print-jobs which have last-modification times that are in the future.
This shouldn't happen, of course, but it can. And when it did happen,
the previous check could cause completely-spooled jobs to sit in the
queue for 20 minutes per job. The new code waits until the last-modify
time is not changing, instead of making decisions based on the specific
value of last-modify.
MFC after: 2 weeks
so that the checking will wind up with the correct mode-bits in
the case where the initial open() of that lock file will create it.
Due to this bug, the first job ever sent to a queue could leave
that queue in a "printing is disabled" state.
PR: 93469
Submitted by: Michael Szklarski of kco.com.pl
MFC after: 1 week
the file will be created with the right access, if the call to open()
does create it. Also fix the other call to umask() to turn off
"write others", just as a matter of general safety.
PR: 74418
MFC after: 4 days
sure the data file has been completely transfered before starting to
print it. This is needed because some implementations of lpr will send
the control-file for a print job before sending the matching data-files,
and that can cause problems if the receiving host is a busy print-server.
MFC after: 2 weeks
when reading/writing spool files. I intend to do a more elaborate
version, but I want to get this much in before 4.9-release. As written,
this results in no change to the object code.
Submitted by: John-Mark Gurney
Reviewed by: /sbin/md5
MFC after: 4 days
format of 'sccsid' lines so they consistently match style(9)
guidelines. Inspired by recent update to lpd.c by charnier.
Reviewed by: discussed on cvs-src & with bde and obrien
MFC after: 15 days
mainly so the compiler can correctly do printf-style parameter checking.
Some minor improvements to a few of the error messages, but the main
goal here is to get rid of a few more compile-time warning messages.
MFC after: 5 days
of them to keep better track of which-is-which (multiple variables were
named 'pid'). Moved a global pid-variable into the only routine that
used it. Net result: fixes two compile-time warnings...
MFC after: 2 weeks
This is a boolean option, and if it is specified in a print queue
for a remote host, it causes lpd to resend the data file for each
copy the user requested on 'lpr -#n'. This is useful for network
printers which accept lpd-style jobs, but which ignore the control
file (and thus they ignore any request for multiple copies).
PR: 25635
Reviewed by: short review on freebsd-audit
MFC after: 6 days
for what is currently the '-p' parameter. '-s' is what NetBSD
used (and they implemented it before I added -p in FreeBSD), and
it also matches the '-s' option in syslogd. Someone in OpenBSD
land had also talked about adding a '-s' option, but it hasn't
happened yet.
MFC after: 5 days
"confused" about it being unassigned. In fact, gcc was right. Fix the
real problem by setting that variable before break-ing out of a select
statement so gcc is happy, and then remove the unnecessary assignment.
Reported by: a user wondering why lpd syslog-ed about "compiler confusion"
MFC after: 12 days
input file and any temporary (filter) file are closed upon return, and
that is generally done at the end of the routine. This should make it
easier for a later update (not yet written) to implement a "resend_copies"
option.
MFC after: 12 days
remote machines. Now they really are handled *exactly* the same as
input filters (if=) for remote queues, except that they are started
with a different set of parameters. This should fix a few subtle
bugs in output-filter processing on such queues. It is a pretty
significant re-arranging of sendfile(), moving some of it to a new
execfilter() routine.
PR: 36552
Reviewed by: no screams from freebsd-audit
MFC after: 12 days
for a remote print job. This change comes from OpenBSD (who got it from
Sebastian Krahmer of SuSE). In OpenBSD this avoids a tiny theoretical
security issue, but that security issue does not exist in FreeBSD's lpr
due to the changes which added 'ctl_renametf()' just before 4.4-release.
This change is still worth doing in our version, but it isn't fixing a
security issue.
MFC after: 4 days
'l' ("plain text which includes control characters") is somewhat more
appropriate for 'o' ("postscript files"), and in fact some printers treat
'l' as a request to print a postscript file.
MFC after: 1 week
This was described in the original RFC wrt lpr, but most lpr's do not
actually implement it. There is some indication that MacOS 10.1 will
be using this when sending postscript files to print servers (that is
what "o"-type was supposed to signify -- postscript files).
MFC after: 1 week