d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/usr.bin
History
Pawel Jakub Dawidek f9b20fc804 MFp4 @229086: 
Make use of Capsicum to protect kdump(1), as it might be used to parse data
from untrusted sources:

- Sandbox kdump(1) using capability mode.
- Limit stdin descriptor (where opened file is moved to) to only
  CAP_READ and CAP_FSTAT rights.
- Limit stdout descriptor to only CAP_WRITE, CAP_FSTAT and CAP_IOCTL.
  Plus limit allowed ioctls to TIOCGETA only, which is needed for
  isatty() to work.
- Limit stderr descriptor to only CAP_WRITE and CAP_FSTAT. In addition
  if the -s option is not given, grant CAP_IOCTL right, but allow for
  TIOCGWINSZ ioctl only, as we need screen width to dump the data.
- Before entering capability mode call catopen("libc", NL_CAT_LOCALE),
  which opens message catalogs and caches data, so that strerror(3)
  and strsignal(3) can work in a sandbox.

Sponsored by:	The FreeBSD Foundation
Discussed with:	rwatson
2013-05-28 21:25:28 +00:00
..
alias
apply
ar
Work around build breakages with GCC 4.2.
2013-05-23 05:42:35 +00:00
asa
at
- Do not bail out if stat(2) fails with ENOENT in the spool directory. This
2013-04-12 14:32:16 +00:00
atf
atm
awk
banner
basename
bc
Work around build breakages with GCC 4.2.
2013-05-23 05:42:35 +00:00
biff
Fix EXIT STATUS. biff reports its status when it was invoked.
2013-04-28 09:29:44 +00:00
bluetooth
bmake
Sync with upstream version (20130520) that includes same fixes made last week.
2013-05-20 22:51:11 +00:00
brandelf
bsdiff
bzip2
bzip2recover
Add the Clang specific -Wmissing-variable-declarations to WARNS=6.
2013-04-19 19:45:00 +00:00
c89
Make c89(1) invoke /usr/bin/cc with argv[0] also set to /usr/bin/cc,
2013-03-07 21:34:16 +00:00
c99
Make c99(1) invoke /usr/bin/cc with argv[0] set to "/usr/bin/cc" instead
2013-03-07 21:37:23 +00:00
calendar
REST IN PEACE
2013-05-10 20:02:15 +00:00
cap_mkdb
catman
chat
checknr
chkey
chpass
cksum
clang
Upgrade our copy of llvm/clang to trunk r178860, in preparation of the
2013-04-12 17:57:40 +00:00
cmp
col
colcrt
colldef
colrm
column
comm
compile_et
compress
cpio
MFV r248590,248594:
2013-03-22 13:36:03 +00:00
cpuset
csplit
csup
Improve compatibility with recent flex from flex.sourceforge.net.
2013-05-03 23:51:32 +00:00
ctags
ctlstat
Fix bugs in the elapsed time calculation in ctlstat_standard()
2013-04-11 21:18:04 +00:00
cut
dc
Properly handle '-h' argument.
2013-02-28 01:22:14 +00:00
dig
dirname
dtc
dtc: fix bootstrapping from 8.2-STABLE
2013-02-19 18:28:25 +00:00
du
ee
Fix spelling.
2013-03-11 13:08:32 +00:00
elf2aout
elfdump
enigma
env
expand
false
fetch
file
file2c
find
Add the Clang specific -Wmissing-variable-declarations to WARNS=6.
2013-04-19 19:45:00 +00:00
finger
fmt
fold
from
fstat
Similar to 233760 and 236717, export some more useful info about the
2013-05-03 21:11:57 +00:00
fsync
ftp
gcore
Add some missing DPADD.
2013-05-11 13:46:05 +00:00
gencat
getconf
getent
Add support for netgroup, based on patch in the PR but made consistent
2013-05-23 20:52:30 +00:00
getopt
gprof
rework old-style functions prototypes
2013-02-14 08:16:03 +00:00
grep
Revert r246917, as it is causing incorrect behaviour as reported on
2013-03-12 19:18:10 +00:00
gzip
head
Remove EOL whitespace accidentally introduced in r248393.
2013-03-17 06:57:25 +00:00
hesinfo
hexdump
Fix typo ('1' != 'l')
2013-03-04 02:21:06 +00:00
host
iconv
Let iconv build on -HEAD properly.
2013-05-23 18:07:01 +00:00
id
indent
Add the Clang specific -Wmissing-variable-declarations to WARNS=6.
2013-04-19 19:45:00 +00:00
ipcrm
ipcs
join
Cast *tabchar, a wchar_t, to a wint_t as it is the type the %lc printf
2013-02-04 10:05:55 +00:00
jot
kdump
MFp4 @229086:
2013-05-28 21:25:28 +00:00
keylogin
WARNS=6 compliance
2013-02-19 13:32:26 +00:00
keylogout
killall
ktrace
ktrdump
lam
last
lastcomm
ldd
leave
less
lessecho
lesskey
lex
Connect flex 2.5.37 to the build and bump __FreeBSD_version.
2013-05-21 19:32:35 +00:00
limits
locale
locate
lock
lockf
Add option to lockf to avoid creating a file if it does not exist.
2013-05-10 17:30:29 +00:00
logger
login
logins
logname
look
lorder
lsvfs
lzmainfo
m4
Work around build breakages with GCC 4.2.
2013-05-23 05:42:35 +00:00
mail
Fix undefined behaviour in usr.bin/mail/util.c.
2013-02-15 23:59:57 +00:00
make
Reverse the sense of the test wrt bmake, and guard against
2013-05-16 21:26:46 +00:00
makewhatis
man
mandoc
mesg
minigzip
ministat
mkcsmapper
Prevent shadowing.
2013-05-25 15:36:15 +00:00
mkcsmapper_static
mkdep
mkesdb
Prevent shadowing.
2013-05-25 15:36:15 +00:00
mkesdb_static
mkfifo
mklocale
Work around build breakages with GCC 4.2.
2013-05-23 05:42:35 +00:00
mkstr
mktemp
mkulzma
mkuzip
msgs
mt
nc
ncal
netstat
Replace hardcoded numbers. Also use interface-local scope name instead
2013-04-16 11:25:45 +00:00
newgrp
Print a warning if not setuid root.
2013-02-08 14:14:00 +00:00
newkey
nfsstat
Document that the NFSv4 server statistics are operation counts and
2013-05-01 22:16:29 +00:00
nice
nl
nohup
nslookup
nsupdate
opieinfo
opiekey
opiepasswd
pagesize
pamtest
passwd
paste
patch
Revert r250972 to fix build.
2013-05-25 07:17:16 +00:00
pathchk
perror
pr
printenv
printf
procstat
Make use of newly added libprocstat(3) ability to extract procstat
2013-04-20 08:22:09 +00:00
quota
rctl
Minor spelling and grammar fixes.
2013-04-11 19:05:24 +00:00
renice
Move example to EXAMPLES.
2013-03-17 06:36:04 +00:00
rev
revoke
rlogin
rpcgen
rpcinfo
rs
rsh
rup
ruptime
rusers
rwall
rwho
script
Fix version in the .Fx macro.
2013-03-16 22:37:56 +00:00
sed
seq
setchannel
shar
showmount
smbutil
sockstat
sort
split
Avoid signed overflow in error handling code.
2013-05-21 19:56:03 +00:00
ssh-copy-id
stat
stdbuf
su
systat
Make systat -vmstat to use suffixes to display big floating point numbers
2013-03-23 13:11:54 +00:00
tabs
tail
Remove EOL whitespace accidentally introduced in r248393.
2013-03-17 06:57:25 +00:00
talk
tar
MFV r248590,248594:
2013-03-22 13:36:03 +00:00
tcopy
tee
telnet
tftp
time
tip
top
Fix the 'C' field for a running thread to match the behavior described
2013-03-11 16:33:05 +00:00
touch
Constify where appropriate.
2013-04-23 13:03:17 +00:00
tput
tr
true
truncate
truss
Add arm bits to truss.
2013-03-07 23:44:35 +00:00
tset
tsort
tty
ul
uname
unexpand
unifdef
Update to upstream version 2.7
2013-03-28 20:33:07 +00:00
uniq
units
unvis
Replace our (un)vis(1) commands with implementations from NetBSD to
2013-03-15 00:05:50 +00:00
unzip
Replace deprecated (or remove obsolete) libarchive 2.8 functions
2013-03-22 10:17:42 +00:00
usbhidaction
usbhidctl
mdoc sweep.
2013-05-12 22:22:12 +00:00
users
uudecode
uuencode
vacation
Since clang 3.2 now has an option to suppress warnings about implicitly
2013-02-16 20:17:31 +00:00
vgrind
vi
vis
Replace our (un)vis(1) commands with implementations from NetBSD to
2013-03-15 00:05:50 +00:00
vmstat
w
wall
wc
what
whereis
which
who
whois
write
xargs
Style(9) changes fo xargs.c
2013-05-10 03:49:05 +00:00
xinstall
- Fix libmd dependency. It is needed in the bootstrap library list because
2013-02-14 08:32:07 +00:00
xlint
Improve compatibility with recent flex from flex.sourceforge.net.
2013-05-03 23:51:32 +00:00
xstr
xz
xzdec
yacc
yes
ypcat
ypmatch
ypwhich
Makefile
When the world is built WITHOUT_OPENSSH also don't
2013-04-28 17:58:11 +00:00
Makefile.amd64
Makefile.arm
Add arm bits to truss.
2013-03-07 23:44:35 +00:00
Makefile.i386
Makefile.ia64
Makefile.inc
Makefile.powerpc
Makefile.sparc64