Commit Graph

58936 Commits

Author SHA1 Message Date
dd
949740204f mdoc(7) police: rename the DIAGNOSTICS section to ERRORS to match the
content, and correct the parameters to the -tag list therein.

Reviewed by:	ru
2001-04-13 19:49:07 +00:00
wilko
3f65aa42cd Update boot capabilities for Adaptec 2940-series
Obtained from:	axp-list@redhat.com / Jay.Estabrook@compaq.com
2001-04-13 19:47:07 +00:00
jedgar
0575e04a30 Add acl_get_perm_np(3), a non-portable function to check if a
permission is in a permission set, required for third-party
applications such as Samba.

Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:37:04 +00:00
jedgar
9fca9e8cc8 Convert getfacl to the ACL editing library functions. getfacl should
now compile/work on any POSIX.1e-compliant implementation (also tested
against the current Linux patches).

Review by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:24:28 +00:00
jedgar
430f24915d Add the remaining POSIX.1e ACL definitions:
ACL_UNDEFINED_TAG, ACL_UNDEFINED_ID, ACL_FIRST_ENTRY, ACL_NEXT_ENTRY

Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2001-04-13 19:14:38 +00:00
jhb
e20549a88c People are still having problems with i586_* on UP machines and SMP
machines, so just hack it to disable them for now until it can be fixed.

Inspired by hair pulling of:	asmodai
2001-04-13 17:14:53 +00:00
rwatson
21239d2a43 o Add a comment identifying the "privileged on privileged" scenario.
Obtained from:	TrustedBSD Project
2001-04-13 16:38:34 +00:00
rwatson
1cb616d497 o Add inter-process authorization uid regression testing for ktrace().
Obtained from:	TrustedBSD Project
2001-04-13 16:25:25 +00:00
bmah
a7a9aad4c4 New release notes: wx(4) supports new cards (submitted by mjacob),
Add missing CMedia and Crystal Semiconductor sound chips (submitted by
orion).

Fix estimate of 5.0-RELEASE release date (submitted by dd).

ntpd(8) security fix cross-reference to SA-01:31.

Fix typo: s/maestreo3/maestro3/.
2001-04-13 16:11:20 +00:00
rwatson
d0cc80f445 o s/debug/ptrace/ since shortly there will be tests involving other
forms of debugging.

Obtained from:	TrustedBSD Project
2001-04-13 16:09:40 +00:00
nate
9ddf0bb57d - Newer versions of bind log denied secondary zone tranfers with
'denied AXFR', not 'unapproved AXFR'.

This is an MFC candidate.

PR:		misc/26529
Submitted by:	duwde@duwde.com.br
2001-04-13 15:13:15 +00:00
rwatson
2603acd499 o Since uid checks in p_cansignal() are now identical between P_SUGID
and non-P_SUGID cases, simplify p_cansignal() logic so that the
  P_SUGID masking of possible signals is independent from uid checks,
  removing redundant code and generally improving readability.

Reviewed by:	tmm
Obtained from:	TrustedBSD Project
2001-04-13 14:33:45 +00:00
bp
592766811b Add smbfs module. Currently it includes smbfs, netsmb and DES parts.
Kernel should be compiled with options LIBMCHAIN and LIBICONV.
2001-04-13 12:11:19 +00:00
bp
f9931b90b2 Move VT_SMBFS definition to the proper place. Undefine VI_LOCK/VI_UNLOCK. 2001-04-13 11:26:54 +00:00
alfred
7e6ce027ec if/panic -> KASSERT 2001-04-13 11:15:40 +00:00
bp
3bdd87f1b9 All NETSMB* options should use opt_netsmb.h file (the joy of multiple repos). 2001-04-13 10:53:56 +00:00
bp
aa8c9d1d7c This file also depends on sys/types.h and sys/ioccom.h.
Remove some old junk.

Submitted by:	bde
2001-04-13 10:50:48 +00:00
alfred
bbee48d66d protect pbufs and associated counts with a mutex 2001-04-13 10:23:32 +00:00
alfred
bcfbf5a27d use %p for pointer printf, include sys/systm.h for printf proto 2001-04-13 10:22:14 +00:00
alfred
f5211e7a6c convert if/panic -> KASSERT, explain what triggered the assertion 2001-04-13 10:15:53 +00:00
markm
3709643556 Make this more lint-friendly. This file seems to be invoked in just
about any .c file that includes a .h, and lint produces copious
whining because of the asm ...; stuff.
2001-04-13 09:46:54 +00:00
murray
b31a55145f Generate useful error messages. 2001-04-13 09:37:25 +00:00
ru
2d4534ab26 mdoc(7) police: Fixed markup. 2001-04-13 09:33:03 +00:00
markm
0efbb4e263 Handle a rare but fatal race invoked sometimes when SIGSTOP is
invoked.
2001-04-13 09:29:34 +00:00
ru
35e3c41f01 mdoc(7) police: Fixed markup in rev.1.5. 2001-04-13 09:17:56 +00:00
ru
00852eaaa7 mdoc(7) police: Fixed typo and markup in rev.1.11. 2001-04-13 09:15:16 +00:00
ru
8e59fdc98e mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
jhb
c987a9115b - Add a comment at the start of the spin locks list.
- The alpha SMP code uses an "ap boot" spinlock as well.
2001-04-13 08:31:38 +00:00
ru
cbfd1f0c04 Document /usr/include/fs/smbfs and /usr/include/netsmb.
Submitted by:	bp
2001-04-13 08:14:58 +00:00
alfred
7dcb59378d Use a macro wrapper over printf along with KASSERT to reduce the amount
of code here.
2001-04-13 08:07:37 +00:00
ru
5db636c8e1 People, please read the README file!!!
: These files use 4 space indentation, and other than in the header
: comments, should not contain any tabs.
2001-04-13 06:56:16 +00:00
dd
fb1146362f Back out most of revision 1.28: lists of diagnostics must use -diag,
not -tag.  Instead, put a period after the error messages to aide
those using dumb terminals not capable of properly displaying markup.

Requested by:	ru
2001-04-13 06:54:05 +00:00
ru
029dfd12d6 Update comment to match ipfw/ipfw.c,v 1.95. 2001-04-13 06:49:47 +00:00
alfred
d6216a6396 Make SOMAXCONN a kernel option.
Submitted by: Terry Lambert <terry@lambert.org>
2001-04-13 03:50:37 +00:00
rwatson
c11aa73a4b o Disallow two "allow this" exceptions in p_cansignal() restricting
the ability of unprivileged processes to deliver arbitrary signals
  to daemons temporarily taking on unprivileged effective credentials
  when P_SUGID is not set on the target process:
  Removed:
     (p1->p_cred->cr_ruid != ps->p_cred->cr_uid)
     (p1->p_ucred->cr_uid != ps->p_cred->cr_uid)
o Replace two "allow this" exceptions in p_cansignal() restricting
  the ability of unprivileged processes to deliver arbitrary signals
  to daemons temporarily taking on unprivileged effective credentials
  when P_SUGID is set on the target process:
  Replaced:
     (p1->p_cred->p_ruid != p2->p_ucred->cr_uid)
     (p1->p_cred->cr_uid != p2->p_ucred->cr_uid)
  With:
     (p1->p_cred->p_ruid != p2->p_ucred->p_svuid)
     (p1->p_ucred->cr_uid != p2->p_ucred->p_svuid)
o These changes have the effect of making the uid-based handling of
  both P_SUGID and non-P_SUGID signal delivery consistent, following
  these four general cases:
     p1's ruid equals p2's ruid
     p1's euid equals p2's ruid
     p1's ruid equals p2's svuid
     p1's euid equals p2's svuid
  The P_SUGID and non-P_SUGID cases can now be largely collapsed,
  and I'll commit this in a few days if no immediate problems are
  encountered with this set of changes.
o These changes remove a number of warning cases identified by the
  proc_to_proc inter-process authorization regression test.
o As these are new restrictions, we'll have to watch out carefully for
  possible side effects on running code: they seem reasonable to me,
  but it's possible this change might have to be backed out if problems
  are experienced.

Submitted by:		src/tools/regression/security/proc_to_proc/testuid
Reviewed by:		tmm
Obtained from:	TrustedBSD Project
2001-04-13 03:06:22 +00:00
peter
d74956ff51 Remove the 'DO NOT EDIT THIS FILE' crud that we spit out with 'crontab -l'.
Otherwise, "crontab -l > file; vi file; crontab file" adds an extra set
of "DO NOT EDIT" markers each and every time which is a bit silly.
2001-04-13 01:45:22 +00:00
gshapiro
9aaff3ecb1 With the recent change to ip6fw, it is safe to return to using ${fw6cmd}
which may include the -q flag.
2001-04-13 01:40:27 +00:00
gshapiro
1e64929334 Match ip6fw's command line options to those of ipfw (specifically, added
the ability to use a preprocessor, use the -q (quiet) flag when reading
from a file).  The source used is from ipfw.

Clean up exit codes while I am here.

KAME has been informed and plans on integrating these patches into their
own source as well.
2001-04-13 01:31:17 +00:00
rwatson
e767472b72 o Disable two "allow this" exceptions in p_cansched()m retricting the
ability of unprivileged processes to modify the scheduling properties
  of daemons temporarily taking on unprivileged effective credentials.
  These cases (p1->p_cred->p_ruid == p2->p_ucred->cr_uid) and
  (p1->p_ucred->cr_uid == p2->p_ucred->cr_uid), respectively permitting
  a subject process to influence the scheduling of a daemon if the subject
  process has the same real uid or effective uid as the daemon's effective
  uid.  This removes a number of the warning cases identified by the
  proc_to_proc iner-process authorization regression test.
o As these are new restrictions, we'll have to watch out carefully for
  possible side effects on running code: they seem reasonable to me,
  but it's possible this change might have to be backed out if problems
  are experienced.

Reported by:	src/tools/regression/security/proc_to_proc/testuid
Obtained from:	TrustedBSD Project
2001-04-12 22:46:07 +00:00
alfred
229635845b remove truncated part from commment 2001-04-12 21:50:03 +00:00
rwatson
6a5eb15d6e o Make kqueue's filt_procattach() function use the error value returned
by p_can(...P_CAN_SEE), rather than returning EACCES directly.  This
  brings the error code used here into line with similar arrangements
  elsewhere, and prevents the leakage of pid usage information.

Reviewed by:	jlemon
Obtained from:	TrustedBSD Project
2001-04-12 21:32:02 +00:00
rwatson
9ba6e18ce6 o Limit process information leakage by introducing a p_can(...P_CAN_SEE...)
in rtprio()'s RTP_LOOKIP implementation.

Obtained from:	TrustedBSD Project
2001-04-12 20:46:26 +00:00
brian
65b7c17ded Correct some markup
Submitted by:	bde
2001-04-12 20:04:54 +00:00
rwatson
6099fe8265 o Reduce information leakage into jails by adding invocations of
p_can(...P_CAN_SEE...) to getpgid(), getsid(), and setpgid(),
  blocking these operations on processes that should not be visible
  by the requesting process.  Required to reduce information leakage
  in MAC environments.

Obtained from:	TrustedBSD Project
2001-04-12 19:39:00 +00:00
rwatson
d4d2bc9b71 o Expand inter-process authorization regression test to include
signalling with sigsegv as one of the tests.
o Teach errno_to_string() about ENOTSUPP.

Obtained from:  TrustedBSD Project
2001-04-12 17:46:20 +00:00
ache
820a33d7db Activate backward-compatible prototypes 2001-04-12 17:18:46 +00:00
kato
52a17539a6 Merged from options.i386 revision 1.147. 2001-04-12 12:28:42 +00:00
kato
585ed66460 Merged from files.i386 revisions 1.359 and 1.360. 2001-04-12 12:26:40 +00:00
n_hibma
3838000f9c Regen. 2001-04-12 11:08:59 +00:00
n_hibma
542e59d7df TDK ids
Submitted by:	Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
2001-04-12 11:04:08 +00:00