CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2017/12/11 18:12:34
Modified files:
sys/kern : kern_fork.c kern_exec.c kern_pledge.c
syscalls.master
sys/sys : pledge.h proc.h
include : unistd.h
lib/libc/sys : execve.2 pledge.2
usr.bin/kdump : ktrstruct.c
Log message:
pledge()'s 2nd argument becomes char *execpromises, which becomes the
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
