/[gentoo-src]/sandbox/ChangeLog
Gentoo

Log of /sandbox/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log

Links to HEAD: (view) (download) (annotate)
Revision 1.60 - (view) (download) (annotate) - [select for diffs]
Fri May 13 15:24:31 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: HEAD, sandbox_1_2_8
Changes since 1.59: +3 -1 lines
Diff to previous 1.59 
* sandbox-1.2.8
Revision 1.59 - (view) (download) (annotate) - [select for diffs]
Fri May 13 15:23:28 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.58: +5 -1 lines
Diff to previous 1.58 
General cleanups.
Revision 1.58 - (view) (download) (annotate) - [select for diffs]
Fri May 13 14:18:05 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.57: +5 -1 lines
Diff to previous 1.57 
Various LD_PRELOAD cleanups.  Do not unset LD_PRELOAD for parent.
Revision 1.57 - (view) (download) (annotate) - [select for diffs]
Fri May 13 13:30:51 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.56: +6 -1 lines
Diff to previous 1.56 
Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
to use TMPDIR if present in environment.
Revision 1.56 - (view) (download) (annotate) - [select for diffs]
Fri May 13 12:53:15 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.55: +4 -1 lines
Diff to previous 1.55 
Remove sandbox_log_file from main() as its no longer used.
Revision 1.55 - (view) (download) (annotate) - [select for diffs]
Fri May 13 12:52:10 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.54: +9 -1 lines
Diff to previous 1.54 
Add get_sandbox_debug_log(), and use it (add behaviour similar to SANDBOX_LOG
if already exported when sandbox started).  Fix get_sandbox_log() and new
get_sandbox_debug_log() to not use already exported environment variables if
they have '/' in them.  Use snprintf()'s instead of strncpy()'s.  More
SB_PATH_MAX fixes.
Revision 1.54 - (view) (download) (annotate) - [select for diffs]
Thu May 12 00:09:00 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_7
Changes since 1.53: +3 -1 lines
Diff to previous 1.53 
* sandbox-1.2.7
Revision 1.53 - (view) (download) (annotate) - [select for diffs]
Thu May 12 00:07:21 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.52: +5 -1 lines
Diff to previous 1.52 
More path limit fixes.  Declare SB_BUF_LEN global and use it where needed.
Revision 1.52 - (view) (download) (annotate) - [select for diffs]
Wed May 11 23:59:50 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.51: +5 -1 lines
Diff to previous 1.51 
Fix paths limited to 255 chars.  Fix get_sandbox_dir() returning a string
with '(null)' in it if we did not call sandbox with absolute path.
Revision 1.51 - (view) (download) (annotate) - [select for diffs]
Wed May 11 23:35:14 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.50: +5 -1 lines
Diff to previous 1.50 
Set SANDBOX_ON *before* doing the child's env stuff, else its not set
for the child.
Revision 1.50 - (view) (download) (annotate) - [select for diffs]
Wed May 11 23:28:42 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.49: +4 -1 lines
Diff to previous 1.49 
Remove global preload_adaptable as it is no longer used.
Revision 1.49 - (view) (download) (annotate) - [select for diffs]
Wed May 11 23:23:07 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.48: +6 -1 lines
Diff to previous 1.48 
Rewrite environment stuff to only be set when execve'ing the child process
to try and avoid issues like bug #91541 that causes sandbox to crash if
we set LD_PRELOAD sandbox side already.
Revision 1.48 - (view) (download) (annotate) - [select for diffs]
Wed May 11 15:52:08 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.47: +4 -1 lines
Diff to previous 1.47 
Move print_sandbox_log() up to make things neater.
Revision 1.47 - (view) (download) (annotate) - [select for diffs]
Wed May 11 15:48:18 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.46: +4 -1 lines
Diff to previous 1.46 
Remove load_preload_libs(), as its not used anymore.
Revision 1.46 - (view) (download) (annotate) - [select for diffs]
Wed May 11 15:42:45 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.45: +4 -1 lines
Diff to previous 1.45 
Remove NO_FORK stuff, as its not used, and 'strace -f' works just fine.
Revision 1.45 - (view) (download) (annotate) - [select for diffs]
Wed May 11 15:39:13 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.44: +4 -1 lines
Diff to previous 1.44 
Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use.
Revision 1.44 - (view) (download) (annotate) - [select for diffs]
Wed May 11 15:36:36 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.43: +4 -1 lines
Diff to previous 1.43 
Remove ld.so.preload crap - we are not going to use it again.
Revision 1.43 - (view) (download) (annotate) - [select for diffs]
Tue May 10 07:38:49 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.42: +5 -1 lines
Diff to previous 1.42 
Fix typo in code that checks if we got valid group information, causing a
segmentation fault, bug #91637.
Revision 1.42 - (view) (download) (annotate) - [select for diffs]
Tue May 10 07:09:21 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_6
Changes since 1.41: +3 -1 lines
Diff to previous 1.41 
* sandbox-1.2.6
Revision 1.41 - (view) (download) (annotate) - [select for diffs]
Tue May 10 07:08:21 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.40: +5 -1 lines
Diff to previous 1.40 
Do not use LD_PRELOAD if it contains libtsocks.so, as it breaks sandbox
for some odd reason, bug #91541.
Revision 1.40 - (view) (download) (annotate) - [select for diffs]
Mon May 9 18:00:45 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.39: +4 -1 lines
Diff to previous 1.39 
Fix typo (sizeof -> strlen).
Revision 1.39 - (view) (download) (annotate) - [select for diffs]
Sun May 8 11:27:37 2005 UTC (8 years ago) by ferringb
Branch: MAIN
Changes since 1.38: +5 -1 lines
Diff to previous 1.38 
rewrote sbcontext caching so it accounts for env changes since lib initialization.
Revision 1.38 - (view) (download) (annotate) - [select for diffs]
Wed May 4 23:35:39 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.37: +5 -1 lines
Diff to previous 1.37 
We create libctest.c via configure, so no need to keep it around.  Do some
cleanup related to libctest.c and libctest during configure.
Revision 1.37 - (view) (download) (annotate) - [select for diffs]
Wed May 4 15:33:47 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.36: +4 -1 lines
Diff to previous 1.36 
Add rename support of symlinks pointing to protected files/directories.
Revision 1.36 - (view) (download) (annotate) - [select for diffs]
Wed May 4 15:01:12 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_5
Changes since 1.35: +3 -1 lines
Diff to previous 1.35 
* sandbox-1.2.5
Revision 1.35 - (view) (download) (annotate) - [select for diffs]
Wed May 4 14:46:50 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.34: +7 -1 lines
Diff to previous 1.34 
Do not reset already set LD_PRELOAD when starting sandbox.  If LD_PRELOAD is
already set, init of the env vars fails for some reason, so do this later on,
and do not warn (bug #91431).
Revision 1.34 - (view) (download) (annotate) - [select for diffs]
Tue May 3 21:43:50 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.33: +5 -1 lines
Diff to previous 1.33 
Fixup sandbox and sandbox.bashrc to call bash with the proper .bashrc.
Revision 1.33 - (view) (download) (annotate) - [select for diffs]
Tue May 3 11:07:38 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_4
Changes since 1.32: +3 -1 lines
Diff to previous 1.32 
* sandbox-1.2.4
Revision 1.32 - (view) (download) (annotate) - [select for diffs]
Tue May 3 11:06:08 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 
Add bug # for previous change.
Revision 1.31 - (view) (download) (annotate) - [select for diffs]
Tue May 3 10:56:19 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.30: +5 -1 lines
Diff to previous 1.30 
Do not init the env entries with each call, as it creates too many calls to
lstat, etc.  Should speedup things a bit.
Revision 1.30 - (view) (download) (annotate) - [select for diffs]
Tue May 3 09:59:26 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.29: +4 -1 lines
Diff to previous 1.29 
Add /dev/pty to default write list.  Noticed by Morfic.
Revision 1.29 - (view) (download) (annotate) - [select for diffs]
Mon May 2 23:53:39 2005 UTC (8 years ago) by vapier
Branch: MAIN
Changes since 1.28: +6 -1 lines
Diff to previous 1.28 
dlvsym doesnt exist in uClibc
Revision 1.28 - (view) (download) (annotate) - [select for diffs]
Fri Apr 29 13:37:57 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_3
Changes since 1.27: +6 -4 lines
Diff to previous 1.27 
sandbox-1.2.3
Revision 1.27 - (view) (download) (annotate) - [select for diffs]
Thu Apr 28 23:43:32 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.26: +4 -1 lines
Diff to previous 1.26 
Do not check for (*&#$(* CXX or F77.
Revision 1.26 - (view) (download) (annotate) - [select for diffs]
Thu Apr 28 22:41:57 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.25: +4 -1 lines
Diff to previous 1.25 
Do not append '/' to pathname in filter_path() if it already ends with it.
Revision 1.25 - (view) (download) (annotate) - [select for diffs]
Thu Apr 28 22:21:10 2005 UTC (8 years ago) by vapier
Branch: MAIN
Changes since 1.24: +5 -2 lines
Diff to previous 1.24 
fix cross-compiling and uclibc and all that jazz
Revision 1.24 - (view) (download) (annotate) - [select for diffs]
Thu Apr 28 16:18:36 2005 UTC (8 years ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_2
Changes since 1.23: +3 -1 lines
Diff to previous 1.23 
* sandbox-1.2.2
Revision 1.23 - (view) (download) (annotate) - [select for diffs]
Thu Apr 28 15:49:30 2005 UTC (8 years ago) by azarah
Branch: MAIN
Changes since 1.22: +5 -1 lines
Diff to previous 1.22 
Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm
have issues; bug #90592.
Revision 1.22 - (view) (download) (annotate) - [select for diffs]
Sat Apr 23 21:03:40 2005 UTC (8 years, 1 month ago) by azarah
Branch: MAIN
Changes since 1.21: +3 -1 lines
Diff to previous 1.21 
Add sandbox-1.2 release comment to ChangeLog
Revision 1.21 - (view) (download) (annotate) - [select for diffs]
Sat Apr 23 20:52:57 2005 UTC (8 years, 1 month ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_1
Changes since 1.20: +3 -1 lines
Diff to previous 1.20 
sandbox-1.2.1
Revision 1.20 - (view) (download) (annotate) - [select for diffs]
Sat Apr 23 20:44:15 2005 UTC (8 years, 1 month ago) by azarah
Branch: MAIN
Changes since 1.19: +7 -1 lines
Diff to previous 1.19 
Make sure all functions used in libsandbox.c is declared static.  Define
SB_STATIC in localdecls.h for this.  Include sandbox_futils.c rather than
linking with its object.  Hopefully this will fix bug #90153.
Revision 1.19 - (view) (download) (annotate) - [select for diffs]
Mon Mar 21 23:30:13 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2
Changes since 1.18: +5 -1 lines
Diff to previous 1.18 
Allow lchown a symlink in write-allowed path pointing to write-denied target.
Revision 1.18 - (view) (download) (annotate) - [select for diffs]
Mon Mar 21 08:54:02 2005 UTC (8 years, 2 months ago) by genone
Branch: MAIN
Changes since 1.17: +4 -1 lines
Diff to previous 1.17 
show resolved symlinks in log
Revision 1.17 - (view) (download) (annotate) - [select for diffs]
Mon Mar 14 00:28:10 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.16: +5 -1 lines
Diff to previous 1.16 
Seems -nostdlib was the problem with the constructor/destructor - remove it
from Makefile.am, and change the constructor/destructor names again.
Revision 1.16 - (view) (download) (annotate) - [select for diffs]
Sun Mar 13 23:29:28 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.15: +4 -1 lines
Diff to previous 1.15 
Also rename the _init() and _fini() declarations.
Revision 1.15 - (view) (download) (annotate) - [select for diffs]
Sun Mar 13 23:23:00 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.14: +16 -1 lines
Diff to previous 1.14 
Fixup the constructor/destructor function names again (they should be _init()
and _fini() it seems, and not being called caused sandbox_lib_path to be
unset, and thus breaking the execve() wrapper's LD_PRELOAD protection).
Add both the path in given SANDBOX_x variable, as well as its symlink
resolved path in init_env_entries().  Modify filter_path() to be able to
resolve paths without resolving symlinks, as well as to be able to resolve
symlinks.  Fix a possible segfault in check_access().  Add symlink resolving
to check_access() resolving bug #31019.  Add 'hack' for unlink, as the fix
for bug #31019 cause access violations if we try to remove a symlink that is
not in protected path, but points to a protected path.  Fix a memory leak in
sandbox.c (sandbox_pids_file in main()).  Fix the realpath() calls in main()
(sandbox.c) being unchecked.  Fix the debug logname not having the pid in it
(pid_string was uninitialized).  General syntax cleanups.
Revision 1.14 - (view) (download) (annotate) - [select for diffs]
Wed Mar 9 07:39:50 2005 UTC (8 years, 2 months ago) by ferringb
Branch: MAIN
Changes since 1.13: +4 -1 lines
Diff to previous 1.13 
happy output time.
missing new line.
Revision 1.13 - (view) (download) (annotate) - [select for diffs]
Wed Mar 9 07:34:30 2005 UTC (8 years, 2 months ago) by ferringb
Branch: MAIN
Changes since 1.12: +10 -6 lines
Diff to previous 1.12 
correct symbols.h building when libdir !+ "/lib"
Revision 1.12 - (view) (download) (annotate) - [select for diffs]
Wed Mar 2 17:30:16 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.11: +4 -1 lines
Diff to previous 1.11 
Hack to make sure sandboxed process cannot remove a device node, bug #79836.
Revision 1.11 - (view) (download) (annotate) - [select for diffs]
Wed Mar 2 09:18:01 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.10: +4 -1 lines
Diff to previous 1.10 
Fix symbols.in not added to dist.
Revision 1.10 - (view) (download) (annotate) - [select for diffs]
Wed Mar 2 09:04:45 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.9: +6 -2 lines
Diff to previous 1.9 
White space fixes.
Revision 1.9 - (view) (download) (annotate) - [select for diffs]
Wed Mar 2 09:01:36 2005 UTC (8 years, 2 months ago) by azarah
Branch: MAIN
Changes since 1.8: +9 -1 lines
Diff to previous 1.8 
Fix inverse test logic in canonicalize.c, use a strncpy.  Fix gcc warning in
getcwd.c.  Add symbols.in and logic to Makefile.am to generate symbol versions
for glibc and other libc's that use this.  Update libsandbox.c to use these
symbol versions if available.  Fix exec wrapper to re-export LD_PRELOAD if the
process unset it.
Revision 1.8 - (view) (download) (annotate) - [select for diffs]
Wed Mar 2 05:48:12 2005 UTC (8 years, 2 months ago) by ferringb
Branch: MAIN
Changes since 1.7: +6 -1 lines
Diff to previous 1.7 
killed off _init and _fini in favor of
void __attribute__ ((constructor)) init_func and
void __attribute__ ((destructor)) closing_func.  _(init|func) were deprecated.
Revision 1.7 - (view) (download) (annotate) - [select for diffs]
Mon Dec 6 21:42:51 2004 UTC (8 years, 5 months ago) by ferringb
Branch: MAIN
Changes since 1.6: +5 -1 lines
Diff to previous 1.6 
hopefully cvs is done being stupid.  Compilation fixes, along w/ make dist fix.
Revision 1.6 - (view) (download) (annotate) - [select for diffs]
Sun Dec 5 05:42:10 2004 UTC (8 years, 5 months ago) by ferringb
Branch: MAIN
Changes since 1.5: +4 -1 lines
Diff to previous 1.5 
should make things compile again
Revision 1.5 - (view) (download) (annotate) - [select for diffs]
Thu Dec 2 02:25:36 2004 UTC (8 years, 5 months ago) by ferringb
Branch: MAIN
Changes since 1.4: +6 -1 lines
Diff to previous 1.4 
stupid libtool.
Revision 1.4 - (view) (download) (annotate) - [select for diffs]
Sat Nov 20 13:21:37 2004 UTC (8 years, 6 months ago) by ferringb
Branch: MAIN
Changes since 1.3: +4 -1 lines
Diff to previous 1.3 
corrections to remove hardcoded paths.
Revision 1.3 - (view) (download) (annotate) - [select for diffs]
Sat Nov 20 13:05:24 2004 UTC (8 years, 6 months ago) by ferringb
Branch: MAIN
Changes since 1.2: +5 -2 lines
Diff to previous 1.2 
removed the /usr/lib/portage/ hardcoded reference for bashrc.
Revision 1.2 - (view) (download) (annotate) - [select for diffs]
Fri Nov 19 22:11:38 2004 UTC (8 years, 6 months ago) by ferringb
Branch: MAIN
Changes since 1.1: +9 -1 lines
Diff to previous 1.1 
entry regarding cvs shift, and the beast being autotooled.
Revision 1.1.1.1 - (view) (download) (annotate) - [select for diffs] (vendor branch)
Fri Nov 19 22:03:44 2004 UTC (8 years, 6 months ago) by ferringb
CVS Tags: start
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 , to next main 1.60 
shift sandbox out of gentoo-src/portage to it's own directory, w/ appropriate autotooling.
Revision 1.1 - (view) (download) (annotate) - [select for diffs]
Fri Nov 19 22:03:44 2004 UTC (8 years, 6 months ago) by ferringb
Branch: MAIN 
Initial revision

This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, select a symbolic revision name using the selection box, or choose 'Use Text Field' and enter a numeric revision.

  Diffs between and
  Type of Diff should be a
Sort log by:

Sticky Tag:
  ViewVC Help
Powered by ViewVC 1.1.13