Commit Graph

58744 Commits

Author SHA1 Message Date
Dima Dorfman
19ab52cb4e mdoc(7) police: properly use a -diag list in the DIAGNOSTICS section.
Reviewed by:	ru
2001-04-13 19:59:47 +00:00
Dima Dorfman
ef0180ed69 mdoc(7) police: rename the DIAGNOSTICS section to ERRORS to match the
content, and correct the parameters to the -tag list therein.

Reviewed by:	ru
2001-04-13 19:49:07 +00:00
Wilko Bulte
a8f2b5257f Update boot capabilities for Adaptec 2940-series
Obtained from:	axp-list@redhat.com / Jay.Estabrook@compaq.com
2001-04-13 19:47:07 +00:00
Chris D. Faulhaber
9a227c5754 Add acl_get_perm_np(3), a non-portable function to check if a
permission is in a permission set, required for third-party
applications such as Samba.

Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:37:04 +00:00
Chris D. Faulhaber
7a832d4392 Convert getfacl to the ACL editing library functions. getfacl should
now compile/work on any POSIX.1e-compliant implementation (also tested
against the current Linux patches).

Review by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:24:28 +00:00
Chris D. Faulhaber
94ef417e4b Add the remaining POSIX.1e ACL definitions:
ACL_UNDEFINED_TAG, ACL_UNDEFINED_ID, ACL_FIRST_ENTRY, ACL_NEXT_ENTRY

Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:14:38 +00:00
John Baldwin
adccbaa77d People are still having problems with i586_* on UP machines and SMP
machines, so just hack it to disable them for now until it can be fixed.

Inspired by hair pulling of:	asmodai
2001-04-13 17:14:53 +00:00
Robert Watson
361515d909 o Add a comment identifying the "privileged on privileged" scenario.
Obtained from:	TrustedBSD Project
2001-04-13 16:38:34 +00:00
Robert Watson
8f6fee753c o Add inter-process authorization uid regression testing for ktrace().
Obtained from:	TrustedBSD Project
2001-04-13 16:25:25 +00:00
Bruce A. Mah
61b133b7c0 New release notes: wx(4) supports new cards (submitted by mjacob),
Add missing CMedia and Crystal Semiconductor sound chips (submitted by
orion).

Fix estimate of 5.0-RELEASE release date (submitted by dd).

ntpd(8) security fix cross-reference to SA-01:31.

Fix typo: s/maestreo3/maestro3/.
2001-04-13 16:11:20 +00:00
Robert Watson
72919d5f6d o s/debug/ptrace/ since shortly there will be tests involving other
forms of debugging.

Obtained from:	TrustedBSD Project
2001-04-13 16:09:40 +00:00
Nate Williams
991bcf5c04 - Newer versions of bind log denied secondary zone tranfers with
'denied AXFR', not 'unapproved AXFR'.

This is an MFC candidate.

PR:		misc/26529
Submitted by:	duwde@duwde.com.br
2001-04-13 15:13:15 +00:00
Robert Watson
e9e7ff5b22 o Since uid checks in p_cansignal() are now identical between P_SUGID
and non-P_SUGID cases, simplify p_cansignal() logic so that the
  P_SUGID masking of possible signals is independent from uid checks,
  removing redundant code and generally improving readability.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-04-13 14:33:45 +00:00
Boris Popov
e59572b595 Add smbfs module. Currently it includes smbfs, netsmb and DES parts.
Kernel should be compiled with options LIBMCHAIN and LIBICONV.
2001-04-13 12:11:19 +00:00
Boris Popov
0fdabd3a45 Move VT_SMBFS definition to the proper place. Undefine VI_LOCK/VI_UNLOCK. 2001-04-13 11:26:54 +00:00
Alfred Perlstein
971dd34298 if/panic -> KASSERT 2001-04-13 11:15:40 +00:00
Boris Popov
de847dd07c All NETSMB* options should use opt_netsmb.h file (the joy of multiple repos). 2001-04-13 10:53:56 +00:00
Boris Popov
34ae6c7541 This file also depends on sys/types.h and sys/ioccom.h.
Remove some old junk.

Submitted by:	bde
2001-04-13 10:50:48 +00:00
Alfred Perlstein
2a758ebe58 protect pbufs and associated counts with a mutex 2001-04-13 10:23:32 +00:00
Alfred Perlstein
493607117e use %p for pointer printf, include sys/systm.h for printf proto 2001-04-13 10:22:14 +00:00
Alfred Perlstein
1375ed7eb7 convert if/panic -> KASSERT, explain what triggered the assertion 2001-04-13 10:15:53 +00:00
Mark Murray
c13d191de3 Make this more lint-friendly. This file seems to be invoked in just
about any .c file that includes a .h, and lint produces copious
whining because of the asm ...; stuff.
2001-04-13 09:46:54 +00:00
Murray Stokely
a4e6da691f Generate useful error messages. 2001-04-13 09:37:25 +00:00
Ruslan Ermilov
dc1e426492 mdoc(7) police: Fixed markup. 2001-04-13 09:33:03 +00:00
Mark Murray
f0b60d7560 Handle a rare but fatal race invoked sometimes when SIGSTOP is
invoked.
2001-04-13 09:29:34 +00:00
Ruslan Ermilov
488379bb11 mdoc(7) police: Fixed markup in rev.1.5. 2001-04-13 09:17:56 +00:00
Ruslan Ermilov
471b9c332c mdoc(7) police: Fixed typo and markup in rev.1.11. 2001-04-13 09:15:16 +00:00
Ruslan Ermilov
566f5a4859 mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
John Baldwin
7a9aa5d372 - Add a comment at the start of the spin locks list.
- The alpha SMP code uses an "ap boot" spinlock as well.
2001-04-13 08:31:38 +00:00
Ruslan Ermilov
8f00082cd6 Document /usr/include/fs/smbfs and /usr/include/netsmb.
Submitted by:	bp
2001-04-13 08:14:58 +00:00
Alfred Perlstein
7d26b6a450 Use a macro wrapper over printf along with KASSERT to reduce the amount
of code here.
2001-04-13 08:07:37 +00:00
Ruslan Ermilov
ebce6f8a5c People, please read the README file!!!
: These files use 4 space indentation, and other than in the header
: comments, should not contain any tabs.
2001-04-13 06:56:16 +00:00
Dima Dorfman
2306a12f75 Back out most of revision 1.28: lists of diagnostics must use -diag,
not -tag.  Instead, put a period after the error messages to aide
those using dumb terminals not capable of properly displaying markup.

Requested by:	ru
2001-04-13 06:54:05 +00:00
Ruslan Ermilov
506c373bc0 Update comment to match ipfw/ipfw.c,v 1.95. 2001-04-13 06:49:47 +00:00
Alfred Perlstein
7bbd138e2f Make SOMAXCONN a kernel option.
Submitted by: Terry Lambert <terry@lambert.org>
2001-04-13 03:50:37 +00:00
Robert Watson
44c3e09cdc o Disallow two "allow this" exceptions in p_cansignal() restricting
the ability of unprivileged processes to deliver arbitrary signals
  to daemons temporarily taking on unprivileged effective credentials
  when P_SUGID is not set on the target process:
  Removed:
     (p1->p_cred->cr_ruid != ps->p_cred->cr_uid)
     (p1->p_ucred->cr_uid != ps->p_cred->cr_uid)
o Replace two "allow this" exceptions in p_cansignal() restricting
  the ability of unprivileged processes to deliver arbitrary signals
  to daemons temporarily taking on unprivileged effective credentials
  when P_SUGID is set on the target process:
  Replaced:
     (p1->p_cred->p_ruid != p2->p_ucred->cr_uid)
     (p1->p_cred->cr_uid != p2->p_ucred->cr_uid)
  With:
     (p1->p_cred->p_ruid != p2->p_ucred->p_svuid)
     (p1->p_ucred->cr_uid != p2->p_ucred->p_svuid)
o These changes have the effect of making the uid-based handling of
  both P_SUGID and non-P_SUGID signal delivery consistent, following
  these four general cases:
     p1's ruid equals p2's ruid
     p1's euid equals p2's ruid
     p1's ruid equals p2's svuid
     p1's euid equals p2's svuid
  The P_SUGID and non-P_SUGID cases can now be largely collapsed,
  and I'll commit this in a few days if no immediate problems are
  encountered with this set of changes.
o These changes remove a number of warning cases identified by the
  proc_to_proc inter-process authorization regression test.
o As these are new restrictions, we'll have to watch out carefully for
  possible side effects on running code: they seem reasonable to me,
  but it's possible this change might have to be backed out if problems
  are experienced.

Submitted by:		src/tools/regression/security/proc_to_proc/testuid
Reviewed by:		tmm
Obtained from:	TrustedBSD Project
2001-04-13 03:06:22 +00:00
Peter Wemm
8966f5046e Remove the 'DO NOT EDIT THIS FILE' crud that we spit out with 'crontab -l'.
Otherwise, "crontab -l > file; vi file; crontab file" adds an extra set
of "DO NOT EDIT" markers each and every time which is a bit silly.
2001-04-13 01:45:22 +00:00
Gregory Neil Shapiro
584096c53e With the recent change to ip6fw, it is safe to return to using ${fw6cmd}
which may include the -q flag.
2001-04-13 01:40:27 +00:00
Gregory Neil Shapiro
3371e17cb6 Match ip6fw's command line options to those of ipfw (specifically, added
the ability to use a preprocessor, use the -q (quiet) flag when reading
from a file).  The source used is from ipfw.

Clean up exit codes while I am here.

KAME has been informed and plans on integrating these patches into their
own source as well.
2001-04-13 01:31:17 +00:00
Robert Watson
0489082737 o Disable two "allow this" exceptions in p_cansched()m retricting the
ability of unprivileged processes to modify the scheduling properties
  of daemons temporarily taking on unprivileged effective credentials.
  These cases (p1->p_cred->p_ruid == p2->p_ucred->cr_uid) and
  (p1->p_ucred->cr_uid == p2->p_ucred->cr_uid), respectively permitting
  a subject process to influence the scheduling of a daemon if the subject
  process has the same real uid or effective uid as the daemon's effective
  uid.  This removes a number of the warning cases identified by the
  proc_to_proc iner-process authorization regression test.
o As these are new restrictions, we'll have to watch out carefully for
  possible side effects on running code: they seem reasonable to me,
  but it's possible this change might have to be backed out if problems
  are experienced.

Reported by:	src/tools/regression/security/proc_to_proc/testuid
Obtained from:	TrustedBSD Project
2001-04-12 22:46:07 +00:00
Alfred Perlstein
b28cb1ca07 remove truncated part from commment 2001-04-12 21:50:03 +00:00
Robert Watson
e386f9bda3 o Make kqueue's filt_procattach() function use the error value returned
by p_can(...P_CAN_SEE), rather than returning EACCES directly.  This
  brings the error code used here into line with similar arrangements
  elsewhere, and prevents the leakage of pid usage information.

Reviewed by:	jlemon
Obtained from:	TrustedBSD Project
2001-04-12 21:32:02 +00:00
Robert Watson
d34f8d3030 o Limit process information leakage by introducing a p_can(...P_CAN_SEE...)
in rtprio()'s RTP_LOOKIP implementation.

Obtained from:	TrustedBSD Project
2001-04-12 20:46:26 +00:00
Brian Somers
cdf6f0b1ae Correct some markup
Submitted by:	bde
2001-04-12 20:04:54 +00:00
Robert Watson
eb9e5c1d72 o Reduce information leakage into jails by adding invocations of
p_can(...P_CAN_SEE...) to getpgid(), getsid(), and setpgid(),
  blocking these operations on processes that should not be visible
  by the requesting process.  Required to reduce information leakage
  in MAC environments.

Obtained from:	TrustedBSD Project
2001-04-12 19:39:00 +00:00
Robert Watson
bacff58c0e o Expand inter-process authorization regression test to include
signalling with sigsegv as one of the tests.
o Teach errno_to_string() about ENOTSUPP.

Obtained from:  TrustedBSD Project
2001-04-12 17:46:20 +00:00
Andrey A. Chernov
7de69ff097 Activate backward-compatible prototypes 2001-04-12 17:18:46 +00:00
KATO Takenori
4dfe1d3b64 Merged from options.i386 revision 1.147. 2001-04-12 12:28:42 +00:00
KATO Takenori
a3758914a0 Merged from files.i386 revisions 1.359 and 1.360. 2001-04-12 12:26:40 +00:00
Nick Hibma
1470e6aaeb Regen. 2001-04-12 11:08:59 +00:00