d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys
History
Guy Helmer e06dbd3229 Revision 1.4 set access for all sensitive files in /proc/<PID> to mode 0 
if a process's uid or gid has changed, but the /proc/<PID> directory
itself was also set to mode 0.  Assuming this doesn't open any
security holes, open access to the /proc/<PID> directory for users
other than root to read or search the directory.

Reviewed by:	des (back in February)
MFC after:	3 weeks
2006-05-24 14:03:51 +00:00
..
amd64
Move clock_lock prototype into <machine/clock.h>, where it is more
2006-05-19 18:53:50 +00:00
arm
Use pmap_devmap_bootstrap(), instead of mapping the SACOM1 registers
2006-05-23 12:14:14 +00:00
boot
- Replace the entry for the no longer existing lnc(4) module with an
2006-05-14 19:04:12 +00:00
bsm
Update src/sys/bsm for OpenBSM 1.0 alpha 5 changes:
2006-03-04 16:54:21 +00:00
cam
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
coda
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
compat
Fix file leaking in translate_path_major_minor.
2006-05-16 17:57:00 +00:00
conf
Add in a bunch of things to the mfi driver:
2006-05-18 23:30:48 +00:00
contrib
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
crypto
padlock(4) doesn't support explicitly provided keys yet.
2006-04-20 06:31:44 +00:00
ddb
Use __LP64__ rather than the PTR64 hack.
2006-05-11 21:59:55 +00:00
dev
Rename device name in the last commit. According to PR, the ID is
2006-05-24 11:55:25 +00:00
doc
fs
Revision 1.4 set access for all sensitive files in /proc/<PID> to mode 0
2006-05-24 14:03:51 +00:00
gdb
add support for copying console messages to a remote gdb
2006-03-23 23:06:14 +00:00
geom
Remove the trailing half of a sentence which was clearly superceded
2006-05-24 11:02:32 +00:00
gnu
Check for VFS_STATFS() failure in _xfs_mount() and abort the mount
2006-05-05 18:41:56 +00:00
i4b
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
i386
Move clock_lock prototype into <machine/clock.h>, where it is more
2006-05-19 18:53:50 +00:00
ia64
Add le(4). I could actually only test it on alpha, i386 and sparc64 but
2006-05-17 20:45:45 +00:00
isa
Remove various bits of conditional Alpha code and fixup a few comments.
2006-05-12 05:04:46 +00:00
isofs/cd9660
When encountering a ISO_SUSP_CFLAG_ROOT element in Rock Ridge
2006-03-13 22:32:33 +00:00
kern
Don't allow non-root user to set a scheduler policy, otherwise this could
2006-05-21 00:40:38 +00:00
libkern
First pass at removing Alpha kernel support.
2006-05-11 22:25:28 +00:00
modules
Add in a bunch of things to the mfi driver:
2006-05-18 23:30:48 +00:00
net
Do not call knlist_destroy() in tapclose(). Instead call it when device is
2006-05-17 17:05:02 +00:00
net80211
Ensure outbound data packets in hostap mode are delivered only to
2006-04-28 19:06:15 +00:00
netatalk
White space consistency with kasserts. Minor style tweaks.
2006-04-01 16:54:37 +00:00
netatm
Chance protocol switch method pru_detach() so that it returns void
2006-04-01 15:42:02 +00:00
netgraph
Add new SIOC_HCI_RAW_NODE_LIST_NAMES ioctl. User-space applications can
2006-05-17 00:13:07 +00:00
netinet
Implement internal (i.e. inside kernel) packet tagging using mbuf_tags(9).
2006-05-24 13:09:55 +00:00
netinet6
Avoid spurious release of an rtentry.
2006-05-23 00:32:22 +00:00
netipsec
Prevent disappearing SAD entries by implementing MPsafe refcounting.
2006-05-20 15:35:36 +00:00
netipx
Make this compile without INVARIANTS.
2006-04-11 23:15:47 +00:00
netkey
In raw and raw-derived socket types, maintain and enforce invariant that
2006-04-01 15:55:44 +00:00
netnatm
style(9) treatment following fixups.
2006-04-23 16:33:56 +00:00
netncp
In ncp_sysctl_connstat(), the SLIST_FOREACH() logic to check 'error'
2006-01-14 11:40:32 +00:00
netsmb
Retire NETSMBCRYPTO as a kernel option and make its functionality
2006-03-05 22:52:17 +00:00
nfs
nfs4client
NFS over TCP retransmit behavior should default to a 60 second time out,
2006-05-23 18:48:07 +00:00
nfsclient
NFS over TCP retransmit behavior should default to a 60 second time out,
2006-05-23 18:48:07 +00:00
nfsserver
Bump up the NFS server dupreq cache limit to 2K (from 64). With a small
2006-04-25 00:21:56 +00:00
opencrypto
Remove (now unused) crp_mac field.
2006-05-22 16:27:27 +00:00
pc98
- Add C-bus and ISA front-ends for le(4) so it can actually replace
2006-05-17 21:25:23 +00:00
pccard
I don't believe these are used at all, and can be safely removed
2006-01-15 06:49:28 +00:00
pci
Rename device name in the last commit. According to PR, the ID is
2006-05-24 11:55:25 +00:00
posix4
Don't allow non-root user to set a scheduler policy, otherwise this could
2006-05-21 00:40:38 +00:00
powerpc
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
rpc
Fix up some cut-n-paste damage and some out-of-date comments.
2006-01-20 15:20:41 +00:00
security
Reconstitute struct mac_policy_ops by breaking out individual function
2006-04-26 14:18:55 +00:00
sparc64
Since DELAY() was moved, most <machine/clock.h> #includes have been
2006-05-16 14:37:58 +00:00
sys
GC long unused hostnamelen and domainnamelen.
2006-05-24 07:54:42 +00:00
tools
Fix a leftover "iwi_boot" string.
2006-01-30 16:32:08 +00:00
ufs
Take errmsg out of ffs_opts. It is already part of global_opts
2006-05-24 00:12:21 +00:00
vm
When allocating a bucket to hold a free'd item in UMA fails, don't
2006-05-21 23:25:32 +00:00
Makefile
Reimplementation of world/kernel build options. For details, see:
2006-03-17 18:54:44 +00:00