This is valuable for library code which needs to be able to find out
whether the current process is or *was* set[ug]id at some point in the
past, and may have a "tainted" execution environment. This is especially
a problem with the trend to immediately revoke privs at startup and regain
them for critical sections. One problem with this is that if a cracker
is able to compromise the program while it's still got a saved id, the
cracker can direct the program to regain the privs. Another problem is
that the user may be able to affect the program in some other way (eg:
setting resolver host aliases) and the library code needs to know when it
should disable these sorts of features.
Reviewed by: ache
Inspired by: OpenBSD (but with a different implementation)
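
Added example, not part of the commit or of FreeBSD's source: a C sketch of how library code can consult issetugid() before honouring an environment-driven feature such as resolver host aliases. The helper names and the sample path are hypothetical, and the Linux branch uses getauxval(AT_SECURE) as a stand-in that only reflects the state at exec time.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#if defined(__linux__)
#include <sys/auxv.h>           /* getauxval(AT_SECURE): Linux stand-in (assumption) */
#endif

/* Nonzero if the process is, or was, set[ug]id. Comparing uid with euid is
 * not enough: a program that revoked privileges at startup has equal ids
 * but may still hold a saved id and a user-controlled environment. */
static int process_is_tainted(void)
{
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__APPLE__)
    return issetugid() != 0;
#elif defined(__linux__)
    return getauxval(AT_SECURE) != 0;   /* set by the kernel at exec time */
#else
    return 1;                           /* unknown platform: fail closed */
#endif
}

/* Hypothetical policy helper: decide whether a user-supplied alias file
 * may be used. The taint flag is a parameter so both cases can be tested. */
static const char *choose_alias_file(int tainted, const char *env_value)
{
    if (tainted)
        return NULL;                    /* ignore the caller's environment */
    if (env_value == NULL || env_value[0] == '\0')
        return NULL;                    /* feature not requested */
    return env_value;
}

/* Hypothetical library entry point, modelled on resolver host aliases. */
static const char *alias_file_path(void)
{
    return choose_alias_file(process_is_tainted(), getenv("HOSTALIASES"));
}

int main(void)
{
    const char *path = alias_file_path();

    printf("tainted=%d alias file=%s\n", process_is_tainted(),
           path != NULL ? path : "(disabled)");
    return 0;
}
```
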
that allows traditional BSD setuid/setgid behavior.
The only visible difference should be that a non-root setuid program
(eg: inn's "rnews" program) that is setuid to news, can completely
"become" uid news. (ie: setuid(geteuid())) This was allowed in
traditional 4.2/4.3BSD and is now "blessed" by Posix as a special
case of "appropriate privilege".
Also, be much more careful with the P_SUGID flag so that we can use it
for issetugid() - only set it if something changed.
Reviewed by: ache
vector except for the egid in groups[0]. There is a risk that programs
that come from SYSV/Linux that expect this to work and don't check for
error returns may accidentally pass root's groups on to child processes.
We now do what is least surprising (to non BSD programs/programmers) in
this scenario, and nothing is changed for programs written with BSD groups
rules in mind.
Reviewed by: ache
to removing the connection from the queue. The problem here is that
falloc() may block and this would allow another process to accept the
connection instead. If this happens to leave the queue empty, then the
system will panic with an "accept: nothing queued".
Also changed a wakeup() to a wakeup_one() to avoid the "thundering herd"
problem on new connections in Apache (or any other application that has
multiple processes blocked in accept() for the same socket).
as shadows of their containing directory. This should solve the problem
of users not being able to delete their symlinks from /tmp once and for
all.
Symlinks do not have modes though, they are accessible to everything that
can read the directory (as before). They are made to show this fact at
lstat time (they appear as mode 0777 always, since that's how the
lookup routines in the kernel treat them).
More commits will follow, eg: add a real lchown() syscall and man pages.
centric rather than VM-centric to fix a problem with errors not being
detectable when the header is read.
Killed exech_map as a result of these changes.
There appears to be no performance difference with this change.
toronto up 5+18:58, 0 users, load 0.00, 0.00, 0.00
zeus up 109+13:53, 0 users, load 0.55, 0.28, 0.15
looks like:
toronto up 5+18:58, 0 users, load 0.00, 0.00, 0.00
zeus up 109+13:53, 0 users, load 0.55, 0.28, 0.15
'make -j3 world' works
Jordan points out that this may not be the only place this is required to be
added, but so far, it's the only one I've found to break -j3
Change "Found end of tape. Load next tape ..." messages to say
"volume" instead of tape. Running cpio off of /dev/fd0 and having
it say "give me the next tape" is kind of ludicrous.. :-)
and opened the archive file. This allows "cpio -o -O output_file"
to create the output file with the caller's proper umask.
Closed PR# 1391
Add setlocale LC_ALL (from ache).
- Fix gross spelling and typographical errors pointed out by Keith Bostic.
- Mention -l, --link is only usable with "-p".
Obtained from: old gnu/usr.bin/cpio v2.3.
stops regular files with unrepresentable rdevs from being rejected
and makes the output independent of unpreservable metadata.
Don't output a file if the major, minor or totality of its rdev would be
truncated. Print a message about the skipped files to stderr but don't
report the error in the exit status. cpio's abysmal error handling doesn't
allow continuing after an error, and the rdev checks had to be misplaced
to avoid the problem of returning an error code from routines that return
void.
Minor numbers are limited to 21 bits in pax's ustar format and to 18
bits in archives created by gnu tar (gnu tar wastes 3 bits for padding).
pax's and cpio's ustar format is incompatible with gnu tar's ustar
format for other reasons (see cpio/README).
Submitted by: bde via old gnu/usr.bin/cpio v2.3.
is the example is quite spartan.
As pointed out by Bruce there are *three* different filenames being used:
cvs FREEBSD.README
groff FREEBSD-upgrade
libgmp FREEBSD-upgrade
libpcap FREEBSD-upgrade
tcpdump FREEBSD-upgrade
traceroute FREEBSD-upgrade
tcl README.FreeBSD
The handbook states "README.FreeBSD". Perhaps this should be changed?