CVSROOT: /cvs
Module name: src
Changes by: b...@cvs.openbsd.org 2018/07/13 03:25:23
Modified files:
include : unistd.h
lib/libc : Symbols.list
lib/libc/hidden: unistd.h
lib/libc/sys : Makefile.inc pledge.2
regress/sys/kern: Makefile
sys/conf : files
sys/kern : init_sysent.c kern_exec.c kern_exit.c
kern_fork.c kern_pledge.c syscalls.c
syscalls.master vfs_lookup.c vfs_subr.c
vfs_syscalls.c
sys/sys : namei.h pledge.h proc.h syscall.h syscallargs.h
vnode.h
usr.bin/kdump : ktrstruct.c
Added files:
lib/libc/sys : unveil.2
sys/kern : kern_unveil.c
Log message:
Unveiling unveil(2).
This brings unveil into the tree, disabled by default - Currently
this will return EPERM on all attempts to use it until we are
fully certain it is ready for people to start using, but this
now allows for others to do more tweaking and experimentation.
Still needs to send the unveil's across forks and execs before
fully enabling.
Many thanks to robert@ and deraadt@ for extensive testing.
ok deraadt@
