/[gentoo-src]/sandbox/libsandbox.c
Gentoo

Log of /sandbox/libsandbox.c

Parent Directory Parent Directory | Revision Log Revision Log


Links to HEAD: (view) (download) (as text) (annotate)

Revision 1.25 - (view) (download) (as text) (annotate) - [select for diffs]
Sun Jun 5 07:45:28 2005 UTC (9 years, 5 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.24: +12 -13 lines
Diff to previous 1.24
whitespace tweaks


Revision 1.24 - (view) (download) (as text) (annotate) - [select for diffs]
Fri May 13 15:23:28 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_8
Changes since 1.23: +2 -4 lines
Diff to previous 1.23
General cleanups.


Revision 1.23 - (view) (download) (as text) (annotate) - [select for diffs]
Fri May 13 14:18:05 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
Changes since 1.22: +7 -7 lines
Diff to previous 1.22
Various LD_PRELOAD cleanups.  Do not unset LD_PRELOAD for parent.


Revision 1.22 - (view) (download) (as text) (annotate) - [select for diffs]
Fri May 13 13:30:51 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
Changes since 1.21: +10 -9 lines
Diff to previous 1.21
Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
to use TMPDIR if present in environment.


Revision 1.21 - (view) (download) (as text) (annotate) - [select for diffs]
Sun May 8 11:27:37 2005 UTC (9 years, 6 months ago) by ferringb
Branch: MAIN
CVS Tags: sandbox_1_2_6, sandbox_1_2_7
Changes since 1.20: +104 -33 lines
Diff to previous 1.20
rewrote sbcontext caching so it accounts for env changes since lib initialization.


Revision 1.20 - (view) (download) (as text) (annotate) - [select for diffs]
Wed May 4 15:33:47 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
Changes since 1.19: +3 -2 lines
Diff to previous 1.19
Add rename support of symlinks pointing to protected files/directories.


Revision 1.19 - (view) (download) (as text) (annotate) - [select for diffs]
Wed May 4 14:46:50 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_5
Changes since 1.18: +25 -25 lines
Diff to previous 1.18
Do not reset already set LD_PRELOAD when starting sandbox.  If LD_PRELOAD is
already set, init of the env vars fails for some reason, so do this later on,
and do not warn (bug #91431).


Revision 1.18 - (view) (download) (as text) (annotate) - [select for diffs]
Tue May 3 10:56:19 2005 UTC (9 years, 6 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_4
Changes since 1.17: +124 -118 lines
Diff to previous 1.17
Do not init the env entries with each call, as it creates too many calls to
lstat, etc.  Should speedup things a bit.


Revision 1.17 - (view) (download) (as text) (annotate) - [select for diffs]
Thu Apr 28 22:41:57 2005 UTC (9 years, 7 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_3
Changes since 1.16: +4 -3 lines
Diff to previous 1.16
Do not append '/' to pathname in filter_path() if it already ends with it.


Revision 1.16 - (view) (download) (as text) (annotate) - [select for diffs]
Thu Apr 28 15:49:30 2005 UTC (9 years, 7 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_2
Changes since 1.15: +3 -2 lines
Diff to previous 1.15
Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm
have issues; bug #90592.


Revision 1.15 - (view) (download) (as text) (annotate) - [select for diffs]
Sat Apr 23 20:44:15 2005 UTC (9 years, 7 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2_1
Changes since 1.14: +3 -2 lines
Diff to previous 1.14
Make sure all functions used in libsandbox.c is declared static.  Define
SB_STATIC in localdecls.h for this.  Include sandbox_futils.c rather than
linking with its object.  Hopefully this will fix bug #90153.


Revision 1.14 - (view) (download) (as text) (annotate) - [select for diffs]
Mon Mar 21 23:30:13 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
CVS Tags: sandbox_1_2
Changes since 1.13: +3 -2 lines
Diff to previous 1.13
Allow lchown a symlink in write-allowed path pointing to write-denied target.


Revision 1.13 - (view) (download) (as text) (annotate) - [select for diffs]
Mon Mar 21 08:54:02 2005 UTC (9 years, 8 months ago) by genone
Branch: MAIN
Changes since 1.12: +7 -2 lines
Diff to previous 1.12
show resolved symlinks in log


Revision 1.12 - (view) (download) (as text) (annotate) - [select for diffs]
Mon Mar 14 00:28:10 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.11: +5 -9 lines
Diff to previous 1.11
Seems -nostdlib was the problem with the constructor/destructor - remove it
from Makefile.am, and change the constructor/destructor names again.


Revision 1.11 - (view) (download) (as text) (annotate) - [select for diffs]
Sun Mar 13 23:29:28 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.10: +3 -3 lines
Diff to previous 1.10
Also rename the _init() and _fini() declarations.


Revision 1.10 - (view) (download) (as text) (annotate) - [select for diffs]
Sun Mar 13 23:23:00 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.9: +279 -109 lines
Diff to previous 1.9
Fixup the constructor/destructor function names again (they should be _init()
and _fini() it seems, and not being called caused sandbox_lib_path to be
unset, and thus breaking the execve() wrapper's LD_PRELOAD protection).
Add both the path in given SANDBOX_x variable, as well as its symlink
resolved path in init_env_entries().  Modify filter_path() to be able to
resolve paths without resolving symlinks, as well as to be able to resolve
symlinks.  Fix a possible segfault in check_access().  Add symlink resolving
to check_access() resolving bug #31019.  Add 'hack' for unlink, as the fix
for bug #31019 cause access violations if we try to remove a symlink that is
not in protected path, but points to a protected path.  Fix a memory leak in
sandbox.c (sandbox_pids_file in main()).  Fix the realpath() calls in main()
(sandbox.c) being unchecked.  Fix the debug logname not having the pid in it
(pid_string was uninitialized).  General syntax cleanups.


Revision 1.9 - (view) (download) (as text) (annotate) - [select for diffs]
Wed Mar 2 17:30:16 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.8: +8 -11 lines
Diff to previous 1.8
Hack to make sure sandboxed process cannot remove a device node, bug #79836.


Revision 1.8 - (view) (download) (as text) (annotate) - [select for diffs]
Wed Mar 2 09:04:45 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.7: +156 -224 lines
Diff to previous 1.7
White space fixes.


Revision 1.7 - (view) (download) (as text) (annotate) - [select for diffs]
Wed Mar 2 09:01:36 2005 UTC (9 years, 8 months ago) by azarah
Branch: MAIN
Changes since 1.6: +100 -89 lines
Diff to previous 1.6
Fix inverse test logic in canonicalize.c, use a strncpy.  Fix gcc warning in
getcwd.c.  Add symbols.in and logic to Makefile.am to generate symbol versions
for glibc and other libc's that use this.  Update libsandbox.c to use these
symbol versions if available.  Fix exec wrapper to re-export LD_PRELOAD if the
process unset it.


Revision 1.6 - (view) (download) (as text) (annotate) - [select for diffs]
Wed Mar 2 05:48:12 2005 UTC (9 years, 8 months ago) by ferringb
Branch: MAIN
Changes since 1.5: +10 -5 lines
Diff to previous 1.5
killed off _init and _fini in favor of
void __attribute__ ((constructor)) init_func and
void __attribute__ ((destructor)) closing_func.  _(init|func) were deprecated.


Revision 1.5 - (view) (download) (as text) (annotate) - [select for diffs]
Mon Dec 6 21:42:51 2004 UTC (9 years, 11 months ago) by ferringb
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4
hopefully cvs is done being stupid.  Compilation fixes, along w/ make dist fix.


Revision 1.4 - (view) (download) (as text) (annotate) - [select for diffs]
Sun Dec 5 06:14:21 2004 UTC (9 years, 11 months ago) by ferringb
Branch: MAIN
Changes since 1.3: +3 -2 lines
Diff to previous 1.3
compilation fixups.


Revision 1.3 - (view) (download) (as text) (annotate) - [select for diffs]
Sun Dec 5 05:42:10 2004 UTC (9 years, 11 months ago) by ferringb
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2
should make things compile again


Revision 1.2 - (view) (download) (as text) (annotate) - [select for diffs]
Thu Dec 2 05:20:50 2004 UTC (9 years, 11 months ago) by vapier
Branch: MAIN
Changes since 1.1: +2 -1 lines
Diff to previous 1.1
need to include config.h


Revision 1.1.1.1 - (view) (download) (as text) (annotate) - [select for diffs] (vendor branch)
Fri Nov 19 22:03:46 2004 UTC (10 years ago) by ferringb
CVS Tags: start
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 , to next main 1.25
shift sandbox out of gentoo-src/portage to it's own directory, w/ appropriate autotooling.


Revision 1.1 - (view) (download) (as text) (annotate) - [select for diffs]
Fri Nov 19 22:03:46 2004 UTC (10 years ago) by ferringb
Branch: MAIN
Initial revision


This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, select a symbolic revision name using the selection box, or choose 'Use Text Field' and enter a numeric revision.

  Diffs between and
  Type of Diff should be a

Sort log by:

Sticky Tag:

  ViewVC Help
Powered by ViewVC 1.1.20