/[path-sandbox]/trunk/ChangeLog.0
Gentoo

Diff of /trunk/ChangeLog.0

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

trunk/ChangeLog Revision 120 trunk/ChangeLog.0 Revision 369
1# ChangeLog for Path Sandbox 1# ChangeLog for Path Sandbox
2# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 2# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
3# $Header$ 3
4 01 Dec 2005; Martin Schlemmer <azarah@gentoo.org> configure.in, Makefile.am,
5 localdecls.h, scripts/Makefile.am, scripts/gen_symbol_version_map.awk,
6 scripts/gen_symbol_header.awk, src/Makefile.am, src/symbols.in,
7 src/libsandbox.c, src/getcwd.c, src/sandbox.c, data/sandbox.bashrc:
8
9 Use versioned symbols on supported libc's for functions we wrap, as well as
10 provide all versions of specific functions. Some syntax cleanups.
11
12 Only check SANDBOX_ACTIVE, and not its value. More BASH_ENV fixes.
13
14 Rename configure.in to configure.ac.
15
16 Fix non-versioned libc's to also prepend '__' to internal symbols by using
17 strong aliases.
18
19 Remove the SB_STATIC and including of getcwd.c, etc voodoo, as we new use a
20 symbol map, and all non-exported symbols are local. Cleanup getcwd.c, as
21 the generic getcwd for older 2.4 kernels do not work properly anyhow, and
22 just makes things slower. Some other warning fixes.
23
24 Rename src/symbols.in to src/symbols.h.in.
25
26 Cleanup local defines for egetcwd() and erealpath().
27
28 Rename filter_path() to resolve_path() and other renames for clarity.
29
30 Fixup SANDBOX_ON handling after already running changes.
31
32 Use egetcwd() in sandbox.c.
33
34 Rather use fstat() to get file size in file_length() than lseek().
35
36 Wrap mknod() as well. Misc cleanups.
37
38 Wrap mkfifo() as it seems it was missing.
39
40 28 Nov 2005; Martin Schlemmer <azarah@gentoo.org> configure.in, sandbox.c,
41 sandbox_fdutils.c:
42
43 Detect if we on 64bit arch automatically.
44
45 Update contact email. Fix quoting.
46
47 Revert 64bit arch test, as we should build the 32bit version without full
48 path checking as well, and add --enable-multilib switch to configure.
49
50* sandbox-1.2.14 (2005/11/28)
51
52 28 Nov 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c, libsandbox.c,
53 sandbox.c, sandbox.h, sandbox.bashrc:
54
55 Check generic getcwd()'s return as well for validity, bug #101728.
56
57 Cleanup environ variables.
58
59 Rather check SANDBOX_ACTIVE if we are already running. Set SANDBOX_ACTIVE
60 to readonly in sandbox.bashrc.
61
62 Make sure we use our bashrc.
63
64 01 Nov 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
65
66 Do not pass mode to true_open and true_open64 if not needed. Should fix a
67 segfault in some cases.
68
69* sandbox-1.2.13 (2005/09/12)
70
71 12 Sep 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, libsandbox.c:
72
73 Do not handle adding working directory to SANDBOX_WRITE, as portage does it
74 itself.
75
76 Make libsb_fini() do cleanup a bit more complete just in case we get another
77 uClibc 'call preloaded library fini before that of app' issue ... probably
78 will not help much, but we try.
79
80 04 Sep 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
81
82 Also allow symlink() system call to operate on a symlink in a writable path
83 that points to non-writable path, bug #104711.
84
85* sandbox-1.2.12 (2005/08/05)
86
87 05 Aug 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
88 sandbox.h:
89
90 Do not give an access violation if the access() system call do not have
91 write/read access - it does not actually modify, so we only need to return
92 not being able to write/read. Noted by Andres Loeh <kosmikus@gentoo.org>,
93 bug #101433.
94
95 If we are called from the command line, do not care about PORTAGE_TMPDIR,
96 and make the current directory the work directory. Also rename the variable
97 portage_tmp_dir to work_dir.
98
99 Remove the tmp_dir variable - we do not need it.
100
101 Improve error handling for get_sandbox_*_envvar() functions.
102
103 01 Aug 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
104
105 Still do normal log if debugging is requested.
106
107 Add support for SANDBOX_VERBOSE (enabled by default). Adjust SANDBOX_DEBUG
108 to only enable if equal to "1" or "yes".
109
110 Add /dev/tts to write permit, bug #42809.
111
112 27 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
113 sandbox_futils.c:
114
115 Do not resolve symlinks in PORTAGE_TMPDIR in sandbox .. we will handle that
116 in libsandbox .. bug #100309.
117
118 22 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.h:
119
120 Print all logging to stderr, bug #90343, comment #15, by Zac Medico.
121
122* sandbox-1.2.11 (2005/07/14)
123
124 14 July 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c:
125 Fix getcwd, bug #98419.
126
127 08 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox_futils.c,
128 libsandbox.c:
129 - Try to cleanup and make error handling/printing consistent.
130 - Remove old logs if present and conflicting with current.
131 - Fix compile error with previous change, and return rather then exit().
132
133 07 July 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
134 sandbox.h, sandbox_futils.c:
135 - Fix possible segfault in env init code.
136 - Major cleanup of sandbox_futils.c. Removed most of the functions as we now
137 write to /var/log/sandbox/, so in theory do not need all that.
138 - Redo the interface of the get_* functions so that we do not leak memory.
139 - Remove sandbox_dir and co - we are not using it anymore.
140 - Remove unused includes and variables.
141 - Only declare functions in sandbox_futils.c that are used in libsandbox.c when
142 OUTSIDE_LIBSANDBOX is not defined.
143 - Cleanup access/log printing. Make access printing honour NOCOLOR. Fix log
144 printing's last line not honouring NOCOLOR.
145
146 06 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.h, sandbox_futils.c,
147 libsandbox.c:
148 - Change log dir to /var/log/sandbox/. Make sure the sandboxed process cannot
149 write to it.
150 - Clean up logging in libsandbox.c, and hopefully make it more consistant.
151 - Add check_prefixes() with major cleanup on check_access().
152 - Cleanup init_env_entries() and check_prefixes().
153
154 05 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
155 sandbox_futils.c, libsandbox.c:
156 Remove unused 'pids file' code.
157
158* sandbox-1.2.10 (2005/07/03)
159
160 03 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
161 Add PREDICT items for nss-db, bug #92079. Patch from Robin Johnson.
162
163 17 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
164 General cleanups:
165 - Remove fooling around with exit codes - we error out on presence of a log
166 anyhow.
167 - Move get_sandbox_*_envvar() to sandbox_setup_environ(), as its more
168 appropriate there.
169
170 12 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
171 Cleanup the fail_nametoolong stuff a bit more.
4 172
5 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c: 173 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
6 Remove hopefully the last ld.so.preload bits we do not use anymore. 174 Remove hopefully the last ld.so.preload bits we do not use anymore.
7 175
8 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c: 176 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
Legend:
Removed from v.120  
changed lines
  Added in v.369
  ViewVC Help
Powered by ViewVC 1.1.13