/[path-sandbox]/trunk/ChangeLog.0
Gentoo

Diff of /trunk/ChangeLog.0

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 47 Revision 142
1# ChangeLog for Path Sandbox 1# ChangeLog for Path Sandbox
2# Copyright 1999-2004 Gentoo Foundation; Distributed under the GPL v2 2# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
3# $Header$ 3# $Header$
4
5 07 July 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
6 sandbox.h, sandbox_futils.c:
7 - Fix possible segfault in env init code.
8 - Major cleanup of sandbox_futils.c. Removed most of the functions as we now
9 write to /var/log/sandbox/, so in theory do not need all that.
10 - Redo the interface of the get_* functions so that we do not leak memory.
11 - Remove sandbox_dir and co - we are not using it anymore.
12 - Remove unused includes and variables.
13
14 06 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.h, sandbox_futils.c,
15 libsandbox.c:
16 - Change log dir to /var/log/sandbox/. Make sure the sandboxed process cannot
17 write to it.
18 - Clean up logging in libsandbox.c, and hopefully make it more consistant.
19 - Add check_prefixes() with major cleanup on check_access().
20 - Cleanup init_env_entries() and check_prefixes().
21
22 05 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
23 sandbox_futils.c, libsandbox.c:
24 Remove unused 'pids file' code.
25
26* sandbox-1.2.10 (2005/07/03)
27
28 03 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
29 Add PREDICT items for nss-db, bug #92079. Patch from Robin Johnson.
30
31 17 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
32 General cleanups:
33 - Remove fooling around with exit codes - we error out on presence of a log
34 anyhow.
35 - Move get_sandbox_*_envvar() to sandbox_setup_environ(), as its more
36 appropriate there.
37
38 12 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
39 Cleanup the fail_nametoolong stuff a bit more.
40
41 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
42 Remove hopefully the last ld.so.preload bits we do not use anymore.
43
44 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
45 Remove the unneeded canonicalize() calls in the wrappers - we do it anyhow
46 in check_syscall(). Should speed things up a bit (at least for the getcwd()
47 and long path name test it goes down to under a second, and not 10+ seconds
48 like before). Also warn if we skip checking due to the canonicalized path
49 being too long.
50
51 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
52 More comment/readability cleanups.
53
54 10 June 2005; Martin Schlemmer <azarah@gentoo.org> canonicalize.c, getcwd.c,
55 sandbox_futils.c, libsandbox.c:
56 Some strncpy/strncat and other cleanups.
57
58* sandbox-1.2.9 (2005/06/09)
59
60 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
61 Move symlink hack down a bit to try and minimize on the amount of lstat()
62 calls we do.
63
64 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c:
65 Add hack to allow writing to /proc/self/fd (or /dev/fd), bug #91516.
66
67 09 June 2005; Martin Schlemmer <azarah@gentoo.org> symbols.in, libsandbox.c:
68 Add wrapper for access() function, bug #85413.
69
70 09 June 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c:
71 Use generic getcwd() implementation from uclibc - should be more portable
72 and looks a bit cleaner.
73
74 09 June 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c, libsandbox.c:
75 Make sure our true_* pointers are initialized to NULL, and that we check for
76 all references that they are valid.
77
78 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
79 Be default we will fail if the path name we try to canonicalize is too long.
80 This however could cause issues with some things (bug #94630 and #21766), so
81 if fail_nametoolong == 0, canonicalize() will return a null length string and
82 do not fail.
83
84 08 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox_futils.c:
85 Do not abort if TMPDIR is not valid, but rather use '/tmp', bug #94360. Also
86 make sure we re-export the new TMPDIR environment variable.
87
88 08 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
89 Fix incorrect free of non-malloc'd array, bug #92313 and #94020. Fix noted
90 by Marcus D. Hanwell <cryos@gentoo.org>.
91
92 08 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
93 Add /dev/console to write list, bug #38588.
94
95* sandbox-1.2.8 (2005/05/13)
96
97 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
98 sandbox.h, sandbox_futils.c:
99 General cleanups.
100
101 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
102 sandbox.h:
103 Various LD_PRELOAD cleanups. Do not unset LD_PRELOAD for parent.
104
105 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
106 sandbox.h, sandbox_futils.c:
107 Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
108 to use TMPDIR if present in environment.
109
110 13 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
111 Remove sandbox_log_file from main() as its no longer used.
112
113 13 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
114 sandbox_futils.c:
115 Add get_sandbox_debug_log(), and use it (add behaviour similar to SANDBOX_LOG
116 if already exported when sandbox started). Fix get_sandbox_log() and new
117 get_sandbox_debug_log() to not use already exported environment variables if
118 they have '/' in them. Use snprintf()'s instead of strncpy()'s. More
119 SB_PATH_MAX fixes.
120
121* sandbox-1.2.7 (2005/05/12)
122
123 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
124 sandbox_futils.c:
125 More path limit fixes. Declare SB_BUF_LEN global and use it where needed.
126
127 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox_futils.c:
128 Fix paths limited to 255 chars. Fix get_sandbox_dir() returning a string
129 with '(null)' in it if we did not call sandbox with absolute path.
130
131 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
132 Set SANDBOX_ON *before* doing the child's env stuff, else its not set
133 for the child.
134
135 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
136 Remove global preload_adaptable as it is no longer used.
137
138 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
139 Rewrite environment stuff to only be set when execve'ing the child process
140 to try and avoid issues like bug #91541 that causes sandbox to crash if
141 we set LD_PRELOAD sandbox side already.
142
143 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
144 Move print_sandbox_log() up to make things neater.
145
146 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
147 Remove load_preload_libs(), as its not used anymore.
148
149 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
150 Remove NO_FORK stuff, as its not used, and 'strace -f' works just fine.
151
152 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
153 Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use.
154
155 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
156 Remove ld.so.preload crap - we are not going to use it again.
157
158 10 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox_futils.c:
159 Fix typo in code that checks if we got valid group information, causing a
160 segmentation fault, bug #91637.
161
162* sandbox-1.2.6 (2005/05/10)
163
164 10 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
165 Do not use LD_PRELOAD if it contains libtsocks.so, as it breaks sandbox
166 for some odd reason, bug #91541.
167
168 09 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
169 Fix typo (sizeof -> strlen).
170
171 08 May 2005; Brian Harring <ferringb@gentoo.org> libsandbox.c:
172 rewrote the sbcontext caching code so it accounts for env changes since lib
173 initialization.
174
175 05 May 2005; Martin Schlemmer <azarah@gentoo.org> configure.in, libctest.c:
176 We create libctest.c via configure, so no need to keep it around. Do some
177 cleanup related to libctest.c and libctest during configure.
178
179 04 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
180 Add rename support of symlinks pointing to protected files/directories.
181
182* sandbox-1.2.5 (2005/05/04)
183
184 04 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
185 sandbox.bashrc:
186 Do not reset already set LD_PRELOAD when starting sandbox. If LD_PRELOAD is
187 already set, init of the env vars fails for some reason, so do this later on,
188 and do not warn (bug #91431).
189
190 03 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
191 sandbox.bashrc:
192 Fixup sandbox and sandbox.bashrc to call bash with the proper .bashrc.
193
194* sandbox-1.2.4 (2005/05/03)
195
196 03 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
197 Do not init the env entries with each call, as it creates too many calls to
198 lstat, etc. Should speedup things a bit, bug #91040.
199
200 03 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
201 Add /dev/pty to default write list. Noticed by Morfic.
202
203 02 May 2005; Mike Frysinger <vapier@gentoo.org> configure.in, localdecls.h,
204 sandbox.h:
205 uClibc doesn't support dlvsym() so add a configure check to make sure it doesn't
206 exist. Also update localdecls.h so BROKEN_RTLD_NEXT isn't defined in uClibc.
207
208* sandbox-1.2.3 (2005/04/29)
209
210 29 Apr 2005; Martin Schlemmer <azarah@gentoo.org> configure.in:
211 Do not check for (*&#$(* CXX or F77.
212
213 29 Apr 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
214 Do not append '/' to pathname in filter_path() if it already ends with it.
215
216 28 Apr 2005; Mike Frysinger <vapier@gentoo.org> Makefile.am, configure.in:
217 With az's help, clean up autotools to work with cross-compiling.
218
219* sandbox-1.2.2 (2005/04/28)
4 220
5 28 Apr 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c: 221 28 Apr 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
6 Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm 222 Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm
7 have issues; bug #90592. 223 have issues; bug #90592.
8 224
9* sandbox-1.2.1 225* sandbox-1.2.1 (2005/04/23)
10 226
11 23 Apr 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, canonicalize.c, 227 23 Apr 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, canonicalize.c,
12 getcwd.c, libsandbox.c, localdecls.h, sandbox.h, sandbox_futils.c: 228 getcwd.c, libsandbox.c, localdecls.h, sandbox.h, sandbox_futils.c:
13 Make sure all functions used in libsandbox.c is declared static. Define 229 Make sure all functions used in libsandbox.c is declared static. Define
14 SB_STATIC in localdecls.h for this. Include sandbox_futils.c rather than 230 SB_STATIC in localdecls.h for this. Include sandbox_futils.c rather than
15 linking with its object. Hopefully this will fix bug #90153. 231 linking with its object. Hopefully this will fix bug #90153.
16 232
17* sandbox-1.2 233* sandbox-1.2 (2005/04/23)
18 234
19 22 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c: 235 22 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
20 Allow lchown a symlink in write-allowed path pointing to write-denied 236 Allow lchown a symlink in write-allowed path pointing to write-denied
21 target. 237 target.
22 238

Legend:
Removed from v.47  
changed lines
  Added in v.142

  ViewVC Help
Powered by ViewVC 1.1.20