> + if (pledge("proc id stdio rpath wpath cpath tty", NULL) == -1)
Yes, as sail currently stands, the list of promises for sail would have
to look something like that. However, the problem with sail is not the
list of pledge promises. The design of sail requires the program to be
setgid game
On Sun, Apr 03, 2016 at 10:31:33AM +0200, Martin Natano wrote:
> On Sun, Apr 03, 2016 at 09:14:40AM +0200, Otto Moerbeek wrote:
> > On Sat, Apr 02, 2016 at 09:13:20PM +, H??ctor Luis Gimbatti wrote:
> >
> > > Hi,
> > > Apparently the error seems to be in /usr/src/usr.bin/grep/util.c at line
For the specific case of openssl:
It uses perror with only one exception for which I include a diff below.
It would be no hard to replace each perror(str) + exit(1) by err(1, str)
I don’t know which is better
Cheers
Index: openssl.c
Index: crypt.c
===
RCS file: /cvs/src/lib/libc/crypt/crypt.c,v
retrieving revision 1.31
diff -u -p -r1.31 crypt.c
--- crypt.c 12 Sep 2015 14:56:50 - 1.31
+++ crypt.c 4 Apr 2016 02:57:09 -
@@ -7,15 +7,10 @@
char *
libc has a number of macros for dealing with thread safety such that it
can operate efficiently when single-threaded but Do The Right Thing when
multi-threaded. In include/thread_private.h are two sets of macros that
look interchangable but that are quite different on the underside.
_MUTEX_LO
this deprecates M_FILDROP.
it is only set by bpf, and it is only respected on inbound packets.
however, packets may be marked for dropping early, but it only comes
into effect very late.
this moves the dropping to right after the bpf calls. this is easy
now that if_input run bpf on behalf of the
Héctor Luis Gimbatti wrote:
> I noticed there are (at least 2) diferent ways to handle a pledge
> error (eg: /usr/src/usr.bin/):
>
> If (pledge(args, NULL) == -1)
> . err(1, "pledge"); (wc; w; ..)
> . perror("pledge"); exit(EXIT_CODE); (vi; openssl; ...)
>
> I am not familiar with the case of use
Bob Beck wrote:
> No. DNS based whitelisting does not belong in there. because it is
> slow and DOS'able
>
> spamd is designed to be high speed low drag. If you want to do a DNS
> based whitelist, write a little co-thing that spits one into a file or
> into your nospamd table that then spamd *doe
Greetings,
I noticed there are (at least 2) diferent ways to handle a pledge error (eg:
/usr/src/usr.bin/):
If (pledge(args, NULL) == -1)
. err(1, "pledge"); (wc; w; ..)
. perror("pledge"); exit(EXIT_CODE); (vi; openssl; ...)
I am not familiar with the case of use of each function but perror + e
Index: main.c
===
RCS file: /cvs/src/games/sail/main.c,v
retrieving revision 1.11
diff -u -p -r1.11 main.c
--- main.c 8 Jan 2016 20:26:33 - 1.11
+++ main.c 4 Apr 2016 01:19:59 -
@@ -45,6 +45,9 @@ main(int
not just on interfaces with tunnel addresses on them
ok?
Index: ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.317
diff -u -p -r1.317 ifconfig.c
--- ifconfig.c 2 Mar 2016 19:45:10 - 1.31
On Sun, Apr 3, 2016 at 2:32 PM, Miod Vallat wrote:
>> evil about the reset stuff, or just debug bits? m88k also calls it from
>> cpu_switchto; other archs have inlined it...)
>
> The use of savectx() in cpu_switchto on m88k was simply to avoid code
> duplication. If you have longterm plans involv
> evil about the reset stuff, or just debug bits? m88k also calls it from
> cpu_switchto; other archs have inlined it...)
The use of savectx() in cpu_switchto on m88k was simply to avoid code
duplication. If you have longterm plans involving the demise of
savectx(), it can easily be inlined int
One small trap to getdelim()/getline() is that the caller needs to free
lineptr, even if it NULL when called and the call failed, ala:
char *buf = NULL;
size_t len = 0;
ssize_t ret;
ret = getline(&buf, &len, fp);
if (ret == -1) {
free(buf);
On 03/31/16 14:07, Alexander Bluhm wrote:
> On Wed, Mar 30, 2016 at 10:44:14PM +0200, Vincent Gross wrote:
>> This diff moves the "are we binding to a privileged port while not being
>> root ?"
>> check from in(6)_pcbaddrisavail() to in_pcbbind().
>
>> --- sys/netinet/in_pcb.c 26 Mar 2016 21:
On 03/31/16 14:07, Alexander Bluhm wrote:
> On Wed, Mar 30, 2016 at 10:44:14PM +0200, Vincent Gross wrote:
>> This diff moves the "are we binding to a privileged port while not being
>> root ?"
>> check from in(6)_pcbaddrisavail() to in_pcbbind().
>
>> --- sys/netinet/in_pcb.c 26 Mar 2016 21:
On Sun, 3 Apr 2016, Philip Guenther wrote:
> amd64's savectx() only updates pcb_rsp and pcb_rbp, which in cpu_fork()
> are promptly overwriten in the child's pcb, so do the same
> simplification as on i386.
Thinking about this more, I believe these savectx() calls date from when
cpu_fork() work
> Date: Sun, 3 Apr 2016 12:04:47 -0700
> From: Philip Guenther
>
> amd64's savectx() only updates pcb_rsp and pcb_rbp, which in cpu_fork()
> are promptly overwriten in the child's pcb, so do the same simplification
> as on i386.
>
> ok?
ok kettenis@
> Index: vm_machdep.c
> ==
On Sun, Apr 03, 2016 at 06:56:52PM +0200, Mark Kettenis wrote:
> > Date: Sun, 3 Apr 2016 16:57:10 +0200
> > From: Patrick Wildt
> >
> > Hi,
> >
> > now we're able to get a node's memory address. Though, a device tree
> > may implement so called ranges. Those ranges are used to translate from
>
amd64's savectx() only updates pcb_rsp and pcb_rbp, which in cpu_fork()
are promptly overwriten in the child's pcb, so do the same simplification
as on i386.
ok?
Philip Guenther
Index: vm_machdep.c
===
RCS file: /cvs/src/sys/arch
On Sun, Apr 03, 2016 at 06:51:47PM +0200, Theo Buehler wrote:
> > > + if (pledge("stdio rpath getpw proc wpath cpath
> > > inet ioctl sendfd recvfd",
> > > +NULL) == -1) {
> > > + fatalx("pledge");
> > > +
On Sun, Apr 03, 2016 at 06:51:47PM +0200, Theo Buehler wrote:
> > > + if (pledge("stdio rpath getpw proc wpath cpath
> > > inet ioctl sendfd recvfd",
> > > +NULL) == -1) {
> > > + fatalx("pledge");
> > > +
Hi,
If you've used the SQLite C library, you're familiar with where their
docs live:
https://www.sqlite.org/c3ref/intro.html
If you're on OpenBSD, you started with "apropos -s3 sqlite3", were
shocked that there's nothing there, then moved on to Google with a
wounding confusion in your heart.
Th
On Sun, Apr 03, 2016 at 07:07:27PM +0200, frit...@alokat.org wrote:
> - sendfd / recvfd are for active ftp
> - ioctl is e.g. used for "ls" after ftp(1) established a connection
> I'm not exactly sure why, as there is no ioctl(2) call, but maybe
> in one underlaying library.
> - proc for fork e.
On Sun, Apr 03, 2016 at 06:51:47PM +0200, Theo Buehler wrote:
> > > + if (pledge("stdio rpath getpw proc wpath cpath
> > > inet ioctl sendfd recvfd",
> > > +NULL) == -1) {
> > > + fatalx("pledge");
> > > +
On Sun, Apr 03, 2016 at 06:28:21PM +0200, Sebastien Marie wrote:
> On Sun, Apr 03, 2016 at 06:09:21PM +0200, frit...@alokat.org wrote:
> > On Sat, Apr 02, 2016 at 04:38:10PM +0200, frit...@alokat.org wrote:
> > > Hi,
> > >
> > > this adds pledge(2) to ftpd(8).
> > >
> > > --f.
> > >
> >
> > Wit
> Date: Sun, 3 Apr 2016 16:57:10 +0200
> From: Patrick Wildt
>
> Hi,
>
> now we're able to get a node's memory address. Though, a device tree
> may implement so called ranges. Those ranges are used to translate from
> one address space to another.
>
> This is used on a few machines, for insta
> > + if (pledge("stdio rpath getpw proc wpath cpath
> > inet ioctl sendfd recvfd",
> > + NULL) == -1) {
> > + fatalx("pledge");
> > + }
>
> whoa, still a big list of promise
On Sun, Apr 03, 2016 at 06:28:21PM +0200, Sebastien Marie wrote:
> > +
> > + if (pledge("stdio rpath getpw proc wpath cpath
> > inet ioctl sendfd recvfd",
> > + NULL) == -1) {
> > + fatalx("pledge");
>
> Date: Sun, 3 Apr 2016 16:11:40 +0200
> From: Stefan Kempf
>
> This flag caused amaps to be allocated with additional spare slots, to
> make extending them cheaper. However, the kernel never extends amaps,
> so allocating spare slots is pointless. Also UVM_FLAG_AMAPPAD only
> has an effect in co
On Sun, Apr 03, 2016 at 04:11:40PM +0200, Stefan Kempf wrote:
> This flag caused amaps to be allocated with additional spare slots, to
> make extending them cheaper. However, the kernel never extends amaps,
> so allocating spare slots is pointless. Also UVM_FLAG_AMAPPAD only
> has an effect in comb
On Sun, Apr 03, 2016 at 06:09:21PM +0200, frit...@alokat.org wrote:
> On Sat, Apr 02, 2016 at 04:38:10PM +0200, frit...@alokat.org wrote:
> > Hi,
> >
> > this adds pledge(2) to ftpd(8).
> >
> > --f.
> >
>
> With help from semarie@ the original diff was changed a little
> bit.
>
> The following
On Sat, Apr 02, 2016 at 04:38:10PM +0200, frit...@alokat.org wrote:
> Hi,
>
> this adds pledge(2) to ftpd(8).
>
> --f.
>
With help from semarie@ the original diff was changed a little
bit.
The following processes are pledged:
- [priv post-auth]
- User-privileged slave
- Unprivileged slave
As
Hi,
now we're able to get a node's memory address. Though, a device tree
may implement so called ranges. Those ranges are used to translate from
one address space to another.
This is used on a few machines, for instance on the raspberry pi:
/ {
#address-cells = <0x1>;
#size-cells
This flag caused amaps to be allocated with additional spare slots, to
make extending them cheaper. However, the kernel never extends amaps,
so allocating spare slots is pointless. Also UVM_FLAG_AMAPPAD only
has an effect in combination with UVM_FLAG_OVERLAY. The only function
that used both flags
Hi tech,
Maybe it's too early to ask. I am not even sure if it's a good idea:
If a process's pledge promises could be useful in something other than
security like process scheduling or perhaps in memory management.
Thanks,
Arun
> Can someone make sure this doesn't break armish/zaurus?
No noticeable regression on armish.
On Sun, Apr 03, 2016 at 09:14:40AM +0200, Otto Moerbeek wrote:
> On Sat, Apr 02, 2016 at 09:13:20PM +, H??ctor Luis Gimbatti wrote:
>
> > Hi,
> > Apparently the error seems to be in /usr/src/usr.bin/grep/util.c at line
> > 400:
> >
> > if ((!(lflag || cflag)) && ((!(bol || eol)) &&
>
> Date: Sun, 3 Apr 2016 00:39:14 -0700
> From: Philip Guenther
>
> On Sat, 2 Apr 2016, Philip Guenther wrote:
> > I ask as I see some "this can't work" logic between the kernel and gdb for
> > at least i386 and possibly others and I'd like to hear what *is* working
> > that I should verify I do
> Date: Sat, 2 Apr 2016 20:42:15 -0700
> From: Philip Guenther
>
> The gdb in base, when used against a live kernel or crash dump, is
> supposed to be able to backtrace individual threads via the kvm proc and
> kvm pcb commands. Is anyone actually using these on 5.9 or -current? If
> so, whi
On Sat, 2 Apr 2016, Philip Guenther wrote:
> I ask as I see some "this can't work" logic between the kernel and gdb for
> at least i386 and possibly others and I'd like to hear what *is* working
> that I should verify I don't break when making changes...
Here's a quick fix for the initial bug th
On Sat, Apr 02, 2016 at 09:13:20PM +, H??ctor Luis Gimbatti wrote:
> Hi,
> Apparently the error seems to be in /usr/src/usr.bin/grep/util.c at line 400:
>
> if ((!(lflag || cflag)) && ((!(bol || eol)) &&
> ((lastHalfDot) && ((firstHalfDot < 0) ||
> ((fg->patter
42 matches
Mail list logo