/[path-sandbox]/trunk/ChangeLog.0
Gentoo

Contents of /trunk/ChangeLog.0

Parent Directory Parent Directory | Revision Log Revision Log


Revision 128 - (show annotations) (download)
Sun Jul 3 18:48:50 2005 UTC (9 years, 1 month ago) by azarah
Original Path: trunk/ChangeLog
File size: 25457 byte(s)
* sandbox-1.2.10
1 # ChangeLog for Path Sandbox
2 # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
3 # $Header$
4
5 * sandbox-1.2.10 (2005/07/03)
6
7 03 July 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
8 Add PREDICT items for nss-db, bug #92079. Patch from Robin Johnson.
9
10 17 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
11 General cleanups:
12 - Remove fooling around with exit codes - we error out on presence of a log
13 anyhow.
14 - Move get_sandbox_*_envvar() to sandbox_setup_environ(), as its more
15 appropriate there.
16
17 12 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
18 Cleanup the fail_nametoolong stuff a bit more.
19
20 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
21 Remove hopefully the last ld.so.preload bits we do not use anymore.
22
23 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
24 Remove the unneeded canonicalize() calls in the wrappers - we do it anyhow
25 in check_syscall(). Should speed things up a bit (at least for the getcwd()
26 and long path name test it goes down to under a second, and not 10+ seconds
27 like before). Also warn if we skip checking due to the canonicalized path
28 being too long.
29
30 11 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
31 More comment/readability cleanups.
32
33 10 June 2005; Martin Schlemmer <azarah@gentoo.org> canonicalize.c, getcwd.c,
34 sandbox_futils.c, libsandbox.c:
35 Some strncpy/strncat and other cleanups.
36
37 * sandbox-1.2.9 (2005/06/09)
38
39 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
40 Move symlink hack down a bit to try and minimize on the amount of lstat()
41 calls we do.
42
43 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c:
44 Add hack to allow writing to /proc/self/fd (or /dev/fd), bug #91516.
45
46 09 June 2005; Martin Schlemmer <azarah@gentoo.org> symbols.in, libsandbox.c:
47 Add wrapper for access() function, bug #85413.
48
49 09 June 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c:
50 Use generic getcwd() implementation from uclibc - should be more portable
51 and looks a bit cleaner.
52
53 09 June 2005; Martin Schlemmer <azarah@gentoo.org> getcwd.c, libsandbox.c:
54 Make sure our true_* pointers are initialized to NULL, and that we check for
55 all references that they are valid.
56
57 09 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
58 Be default we will fail if the path name we try to canonicalize is too long.
59 This however could cause issues with some things (bug #94630 and #21766), so
60 if fail_nametoolong == 0, canonicalize() will return a null length string and
61 do not fail.
62
63 08 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox_futils.c:
64 Do not abort if TMPDIR is not valid, but rather use '/tmp', bug #94360. Also
65 make sure we re-export the new TMPDIR environment variable.
66
67 08 June 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
68 Fix incorrect free of non-malloc'd array, bug #92313 and #94020. Fix noted
69 by Marcus D. Hanwell <cryos@gentoo.org>.
70
71 08 June 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
72 Add /dev/console to write list, bug #38588.
73
74 * sandbox-1.2.8 (2005/05/13)
75
76 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
77 sandbox.h, sandbox_futils.c:
78 General cleanups.
79
80 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
81 sandbox.h:
82 Various LD_PRELOAD cleanups. Do not unset LD_PRELOAD for parent.
83
84 13 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
85 sandbox.h, sandbox_futils.c:
86 Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
87 to use TMPDIR if present in environment.
88
89 13 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
90 Remove sandbox_log_file from main() as its no longer used.
91
92 13 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
93 sandbox_futils.c:
94 Add get_sandbox_debug_log(), and use it (add behaviour similar to SANDBOX_LOG
95 if already exported when sandbox started). Fix get_sandbox_log() and new
96 get_sandbox_debug_log() to not use already exported environment variables if
97 they have '/' in them. Use snprintf()'s instead of strncpy()'s. More
98 SB_PATH_MAX fixes.
99
100 * sandbox-1.2.7 (2005/05/12)
101
102 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
103 sandbox_futils.c:
104 More path limit fixes. Declare SB_BUF_LEN global and use it where needed.
105
106 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox_futils.c:
107 Fix paths limited to 255 chars. Fix get_sandbox_dir() returning a string
108 with '(null)' in it if we did not call sandbox with absolute path.
109
110 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
111 Set SANDBOX_ON *before* doing the child's env stuff, else its not set
112 for the child.
113
114 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
115 Remove global preload_adaptable as it is no longer used.
116
117 12 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
118 Rewrite environment stuff to only be set when execve'ing the child process
119 to try and avoid issues like bug #91541 that causes sandbox to crash if
120 we set LD_PRELOAD sandbox side already.
121
122 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
123 Move print_sandbox_log() up to make things neater.
124
125 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
126 Remove load_preload_libs(), as its not used anymore.
127
128 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
129 Remove NO_FORK stuff, as its not used, and 'strace -f' works just fine.
130
131 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
132 Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use.
133
134 11 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h:
135 Remove ld.so.preload crap - we are not going to use it again.
136
137 10 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox_futils.c:
138 Fix typo in code that checks if we got valid group information, causing a
139 segmentation fault, bug #91637.
140
141 * sandbox-1.2.6 (2005/05/10)
142
143 10 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
144 Do not use LD_PRELOAD if it contains libtsocks.so, as it breaks sandbox
145 for some odd reason, bug #91541.
146
147 09 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
148 Fix typo (sizeof -> strlen).
149
150 08 May 2005; Brian Harring <ferringb@gentoo.org> libsandbox.c:
151 rewrote the sbcontext caching code so it accounts for env changes since lib
152 initialization.
153
154 05 May 2005; Martin Schlemmer <azarah@gentoo.org> configure.in, libctest.c:
155 We create libctest.c via configure, so no need to keep it around. Do some
156 cleanup related to libctest.c and libctest during configure.
157
158 04 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
159 Add rename support of symlinks pointing to protected files/directories.
160
161 * sandbox-1.2.5 (2005/05/04)
162
163 04 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
164 sandbox.bashrc:
165 Do not reset already set LD_PRELOAD when starting sandbox. If LD_PRELOAD is
166 already set, init of the env vars fails for some reason, so do this later on,
167 and do not warn (bug #91431).
168
169 03 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox.h,
170 sandbox.bashrc:
171 Fixup sandbox and sandbox.bashrc to call bash with the proper .bashrc.
172
173 * sandbox-1.2.4 (2005/05/03)
174
175 03 May 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
176 Do not init the env entries with each call, as it creates too many calls to
177 lstat, etc. Should speedup things a bit, bug #91040.
178
179 03 May 2005; Martin Schlemmer <azarah@gentoo.org> sandbox.c:
180 Add /dev/pty to default write list. Noticed by Morfic.
181
182 02 May 2005; Mike Frysinger <vapier@gentoo.org> configure.in, localdecls.h,
183 sandbox.h:
184 uClibc doesn't support dlvsym() so add a configure check to make sure it doesn't
185 exist. Also update localdecls.h so BROKEN_RTLD_NEXT isn't defined in uClibc.
186
187 * sandbox-1.2.3 (2005/04/29)
188
189 29 Apr 2005; Martin Schlemmer <azarah@gentoo.org> configure.in:
190 Do not check for (*&#$(* CXX or F77.
191
192 29 Apr 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
193 Do not append '/' to pathname in filter_path() if it already ends with it.
194
195 28 Apr 2005; Mike Frysinger <vapier@gentoo.org> Makefile.am, configure.in:
196 With az's help, clean up autotools to work with cross-compiling.
197
198 * sandbox-1.2.2 (2005/04/28)
199
200 28 Apr 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
201 Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm
202 have issues; bug #90592.
203
204 * sandbox-1.2.1 (2005/04/23)
205
206 23 Apr 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, canonicalize.c,
207 getcwd.c, libsandbox.c, localdecls.h, sandbox.h, sandbox_futils.c:
208 Make sure all functions used in libsandbox.c is declared static. Define
209 SB_STATIC in localdecls.h for this. Include sandbox_futils.c rather than
210 linking with its object. Hopefully this will fix bug #90153.
211
212 * sandbox-1.2 (2005/04/23)
213
214 22 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
215 Allow lchown a symlink in write-allowed path pointing to write-denied
216 target.
217
218 21 Mar 2005; Marius Mauch <genone@gentoo.org> libsandbox.c:
219 Also show resolved symlink names in the log.
220
221 14 Mar 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, libsandbox.c:
222 Seems -nostdlib was the problem with the constructor/destructor - remove it
223 from Makefile.am, and change the constructor/destructor names again.
224
225 14 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
226 Also rename the _init() and _fini() declarations.
227
228 14 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c:
229 Fixup the constructor/destructor function names again (they should be _init()
230 and _fini() it seems, and not being called caused sandbox_lib_path to be
231 unset, and thus breaking the execve() wrapper's LD_PRELOAD protection).
232 Add both the path in given SANDBOX_x variable, as well as its symlink
233 resolved path in init_env_entries(). Modify filter_path() to be able to
234 resolve paths without resolving symlinks, as well as to be able to resolve
235 symlinks. Fix a possible segfault in check_access(). Add symlink resolving
236 to check_access() resolving bug #31019. Add 'hack' for unlink, as the fix
237 for bug #31019 cause access violations if we try to remove a symlink that is
238 not in protected path, but points to a protected path. Fix a memory leak in
239 sandbox.c (sandbox_pids_file in main()). Fix the realpath() calls in main()
240 (sandbox.c) being unchecked. Fix the debug logname not having the pid in it
241 (pid_string was uninitialized). General syntax cleanups.
242
243 09 Mar 2005; Brian Harring <ferringb@gentoo.org> sandbox.c: Fixed the
244 infamous "pids file is not a regular file" w/out newline bug.
245
246 09 Mar 2005; Brian Harring <ferringb@gentoo.org> Makefile.am, configure.in:
247 Correct libc_version path detection, since it was screwing up if libdir !=
248 "/lib/".
249
250 02 Mar 2005; Martin Schlemmer <azarah@gentoo.org> libsandbox.c:
251 Hack to make sure sandboxed process cannot remove a device node, bug #79836.
252
253 02 Mar 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am:
254 Fix symbols.in not added to dist.
255
256 02 Mar 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, canonicalize.c,
257 getcwd.c, libsandbox.c, sandbox.c, sandbox.h, sandbox_futils.c:
258 White space fixes.
259
260 02 Mar 2005; Martin Schlemmer <azarah@gentoo.org> Makefile.am, canonicalize.c,
261 configure.in, getcwd.c, libsandbox.c, symbols.in:
262 Fix inverse test logic in canonicalize.c, use a strncpy. Fix gcc warning in
263 getcwd.c. Add symbols.in and logic to Makefile.am to generate symbol versions
264 for glibc and other libc's that use this. Update libsandbox.c to use these
265 symbol versions if available. Fix exec wrapper to re-export LD_PRELOAD if the
266 process unset it.
267
268 01 Mar 2005; Brian Harring <ferringb@gentoo.org> libsandbox.c:
269 killed off _init and _fini in favor of
270 void __attribute__ ((constructor)) init_func and
271 void __attribute__ ((destructor)) closing_func. _(init|func) were deprecated.
272
273 06 Dec 2004; Brian Harring <ferringb@gentoo.org> Makefile.am, libsandbox.c,
274 canonicalize.c, getcwd.c: Fixed compilation *again*. Hopefully cvs is done
275 having the hick-ups.
276
277 04 Dec 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c, getcwd.c,
278 Makefile.am: Fixed compilation.
279
280 01 Dec 2004; Brian Harring <ferringb@gentoo.org> aclocal.m4:
281 Gutted the bugger so it stops checking for a c++ and fortran compiler.
282 Do *not* regenerate aclocal.m4 for making a release until a better
283 solution is created.
284
285 20 Nov 2004; Brian Harring <ferringb@gentoo.org> Makefile.am, sandbox_futils.c:
286 Removal of more hardcoded paths.
287
288 20 Nov 2004; Brian Harring <ferringb@gentoo.org> Makefile.am, configure.in,
289 sandbox_futils.c: tweaks to install sandbox.bashrc, and use it.
290
291 19 Nov 2004; Brian Harring <ferringb@gentoo.org>:
292 Sandbox is now autotooled, create-localdecls needs to be killed and the code
293 shifted into configure.in. Currently builds *one* libsandbox.so- if multiple
294 are desired (-m64 and -m32 for amd64), the ebuild should do it (imo).
295 To get to a point of testing, automake && autoconf; created requisite files w/
296 a(utomake|clocal)-1.8, and autoconf 2.59. Installs to /usr/, instead of
297 /lib and /usr/lib/portage/bin.
298
299 14 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c, sandbox.c:
300 closing out bug #70225, potential overflow of the sandbox_pids_file var.
301
302 07 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c: c99 standard,
303 (think it was at least) allows intermixing of code and data segments. bug #70351
304 should be fixed by this.
305
306 03 Nov 2004; Brian Harring <ferringb@gentoo.org> libsandbox.c, sandbox_futils.c:
307 futils fix from bug #65201 via solar, and libsandbox log path checks via #69137
308
309 02 Aug 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c: Code from
310 Seth Robertson that tracked down all adjuct flags for read operations that
311 do not invoke a write operation.
312
313 04 Apr 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c, sandbox.c:
314 Another fix from jstubbs regarding a free() on a stack variable for the
315 environment -- tracking now prevents extraneous free()'s segfault.
316
317 04 Apr 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c, sandbox.c:
318 J. Stubbs tracked down a new bug where mkdir was failing to the patch on
319 the lstat in mkdir... it now only returns 0 or -1 as documented for mkdir.
320 Also remove the errno = ESUCCESS settings as documentation points out that
321 a library isn't allowed to do that.
322
323 04 Apr 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c: Added a
324 file_security_check() function to check random potential exploits on files
325 that sandbox is to load and read -- Normally sandboxpids.tmp. This fixes
326 the 'system-crippling' exploits (bug 21923) and catches a few other
327 potential problems.
328
329 20 Mar 2004; Nicholas Jones <carpaski@gentoo.org> Makefile: Updates for
330 32/64 bit sandbox. Made CC and LD '?=' values to allow passed in CC to work.
331
332 20 Mar 2004; Nicholas Jones <carpaski@gentoo.org> libsandbox.c:
333 bug 42048 -- Fixed the lstat/errno conditions for mkdir <caleb@g.o>.
334 Added the 64/32 bit sandbox patch for AMD64 bug 32963 <brad/azarah>.
335
336 29 Feb 2004; Martin Schlemmer <azarah@gentoo.org> sandbox.c, sandbox_futils.c :
337 Fix permissions and group of pids file and logs. Permissions should be 0664
338 and group should be 'portage'. Bug #34260.
339
340 28 Feb 2004; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
341 Besides a small cleanup, redo how we replace LD_PRELOAD in the environ passed
342 to the real execve (in our execve wrapper). Seems that on some arches (sparc
343 among others) do not allow us to tamper with the readonly copy passed to
344 execve, so pass our own copy of the environment. Bug #42290.
345
346 11 Jan 2004; Nicholas Jones <carpaski@gentoo.org> create-decls:
347 Changed tail to head and added a notice about duration of glibc check.
348
349 21 Dec 2003; Nicholas Jones <carpaski@gentoo.org> create-decls:
350 Changed the glibc subversion check to use /usr/bin/* instead of /bin/sh
351 as there isn't a guarentee that it is dynamic.
352
353 02 Nov 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
354 If 'file' passed to before_syscall(const char *func, const char *file) is
355 invalid, we should set errno to ENOENT, and not EINVAL. This should
356 close bug #32238.
357
358 14 Oct 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
359 Fix a bug that occurs mainly on 64bit arch, where the file passed to
360 the functions we wrap, is invalid, and then cause canonicalize to pass
361 garbage to before_syscall(), thanks to great detective work from
362 Andrea Luzzardi <al@sig11.org> (bug #29846).
363
364 13 Oct 2003; Martin Schlemmer <azarah@gentoo.org> create-localdecls :
365 Add a uClibc detection patch from Peter S. Mazinger <ps.m@gmx.net>.
366
367 13 Oct 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
368 Fix a bug in libsandbox.c 's checking in the rename wrapper - it basically
369 only checked the destination patch, and not the source, so we could move
370 a protected file to a unprotected directory, and then delete/modify it.
371 Thanks to Andrea Luzzardi (scox) <al@sig11.org>, bug #30992, for this fix.
372
373 12 Oct 2003; Nicholas Jones <carpaski@gentoo.org> sandbox.c :
374 Added python2.3 to the predict section/variable.
375
376 28 Sep 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, sandbox.c,
377 sandbox.h, sandbox_futils.c :
378 Add support to set the pids file via SANDBOX_PIDS_FILE at startup. If
379 it is not set, it will revert to its old value.
380
381 27 Sep 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
382 Fix our mkdir wrapper to check if the dir exist, and return EEXIST if so,
383 rather than failing with a violation, bug #29748.
384
385 27 Jul 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
386 Fix canonicalize() to ignore calls with path = "".
387
388 27 Jul 2003; Martin Schlemmer <azarah@gentoo.org> getcwd.c, libsandbox.c,
389 sandbox_futils.c, canonicalize.c :
390 Once again coreutils fails, as my systems had 2.5 kernel, the getcwd system
391 call handled strings larger than PATH_MAX (bug #21766). It however does not
392 work the same on 2.4 kernels.
393
394 To fix, I added the posix implementation of getcwd() (from glibc cvs) that
395 do not need the system call. We use the default getcwd() function via a
396 wrapper (egetcwd), and then lstat the returned path. If lstat fails, it
397 means the current directory was removed, OR that the the system call for
398 getcwd failed (curious is that it do not fail and return NULL or set
399 errno, but rather just truncate the retured directory - usually from the
400 start), and if so, we use the generic getcwd() function (__egetcwd). Note
401 that we do not use the generic version all the time, as it calls lstat()
402 a great number of times, and performance degrade much.
403
404 29 Jun 2003; Martin Schlemmer <azarah@gentoo.org> create-localdecls,
405 libsandbox.c :
406 Make sure SB_PATH_MAX will not wrap. Fix two possible memory leaks.
407
408 22 Jun 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c, canonicalize.c
409 create-localdecls :
410 When checking path names of files accessed, we need to canonicalize it, else
411 it may be a symlink in a 'write allowed' directory pointing to a file in a
412 directory we should not have write access to.
413
414 With something like coreutils-5.0, we have two problems:
415 1) One of the tests checks if getcwd() can return a path longer than
416 PATH_MAX. This test then tries to create a dir which even while
417 created local (mkdir("conftest2")), it ends up being resolved with
418 a name that is much larger than PATH_MAX. The problem now is that
419 canonicalize() have undefined behaviour when the path was too long
420 (returned wrongly truncated paths, etc), and pass the wrong path to
421 before_syscall() (causing the bogus sandbox violations).
422 2) The ecanonicalize() function we used, along with the canonicalize()
423 function did not support longer than PATH_MAX. This is partly a
424 cause for 1), but the error checking (rather lack of it) of calls
425 to erealpath() in canonicalize() was the prime reason for 1).
426
427 As we do not use this canonicalized name to call the function, we resolve this
428 by fixing canonicalize() to do better error checking, and ecanonicalize() as
429 well as all functions in libsandbox.c to use a PATH_MAX of 'PATH_MAX * 2'.
430 While they will resolve paths properly now, and can check if a write/read is
431 allowed, the functions called from the sandboxed environment will still work
432 as expected.
433
434 This should resolve bug #21766.
435
436 06 Apr 2003; Martin Schlemmer <azarah@gentoo.org> libsandbox.c :
437 For some reason sandbox fails with a 'open_wr' if you run 'locale -a' under
438 it (bug #16298).
439
440 Problem is that for some reason locale fopen's locale.alias with mode "rm".
441
442 -------------------------------------------------------
443 nosferatu root # grep fopen locale.log
444 fopen("/usr/share/locale/locale.alias", "rm"ACCESS DENIED open_wr: /usr/share/locale/locale.alias
445 nosferatu root #
446 --------------------------------------------------------
447
448 I checked the source of locale, but it have fopen with mode 'r', so
449 not sure where the "rm" mode comes from. Anyhow, changed the check in
450 before_syscall_open_char() to also see mode "rm" as readonly.
451
452 23 Feb 2003; Martin Schlemmer <azarah@gentoo.org> create-localdecls :
453
454 Add glibc-2.3 support.
455
456 22 Feb 2003; Martin Schlemmer <azarah@gentoo.org> sandbox.c :
457
458 Some /etc/ld.so.preload fixes. Just changed the #if defines to cover all
459 operations releated to preload, as well as only try to modify ld.so.preload
460 if we can. Also modify to write the pid to /tmp/sandboxpids.tmp even when
461 not using ld.so.preload. Fix to not write this instance of sandbox's pid
462 to /tmp/sandboxpids.tmp on exit if this is not the last sandbox running.
463
464 22 Feb 2003; Nicholas Jones <carpaski@gentoo.org> Makefile :
465
466 Changed the LD to CC for hppa.
467
468 22 Feb 2003; Nicholas Jones <carpaski@gentoo.org> create-localdecls :
469
470 Killed the previous changes I made.
471
472 17 Feb 2003; Nicholas Jones <carpaski@gentoo.org> create-localdecls :
473
474 Added parisc to BROKEN_RTLD_ARCHLIST to see if it we can fix the relocation probs.
475
476 09 Jan 2003; J Robert Ray <jrray@gentoo.org> sandbox.c :
477
478 Don't segfault if $HOME isn't set, set $HOME to "/" instead. Fixes bug 10868.
479
480 16 Dec 2002; Martin Schlemmer <azarah@gentoo.org> create-localdecls :
481
482 Fix memory leak for mips, bug #12236. Thanks to Torgeir Hansen <torgeir@trenger.ro>
483 for this fix.
484
485 4 Dec 2002; J Robert Ray <jrray@gentoo.org> sandbox.h sandbox_futils.c :
486
487 sandbox_futils defined a dirname() function that was masking the same
488 function in glibc and was broken (e.g.: SANDBOX_DIR was being set to
489 '/usr/lib/portage/bi/'). Fixed function to return expected results and
490 renamed it to sb_dirname() to no longer mask the glibc function. Closes bug
491 11231.
492
493 4 Dec 2002; Martin Schlemmer <azarah@gentoo.org> :
494
495 Fix a segfault in libsandbox.c if canonicalize() was called with
496 first parameter = NULL.
497
498 1 Sep 2002; Martin Schlemmer <azarah@gentoo.org> :
499
500 Fix my braindead 'return 1;' in a void function. Updated sandbox.c,
501 cleanup() for this.
502
503 Change cleanup() in sandbox.c not to exit with fail status if
504 the pidsfile is missing. We really should still display sandbox
505 violations if they occured.
506
507 31 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
508
509 Update cleanup() in sandbox.c to remove the PIDSFILE if this is
510 the last sandbox running.
511
512 25 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
513
514 Major cleanups to mainly libsandbox.c again.
515
516 22 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
517
518 Add copyrights to sandbox.h and sandbox_futils.h. If wrong, the
519 parties involved should please contact me so that we can fix it.
520
521 Add opendir wrapper to libsandbox.c.
522
523 21 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
524
525 Do some more cleanups to ecanonicalize(), as it dropped filenames in
526 rare cases (after my symlink cleanups), and caused glibc to bork.
527 These fixes went into canonicalize.c.
528
529 20 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
530
531 Fix spawn_shell() and main() in sandbox.c to properly return fail
532 status.
533
534 19 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
535
536 The new canonicalize() function in libsandbox.c also resolved symlinks,
537 which caused on cleaning sandbox errors if the symlink pointed to a
538 file in the live root. Ripped out canonicalize() and realpath() from
539 glibc; removed the symlink stuff, and changed them to ecanonicalize()
540 and erealpath().
541
542 18 Aug 2002; Martin Schlemmer <azarah@gentoo.org> :
543
544 Ripped out all the wrappers, and implemented those of InstallWatch.
545 Losts of cleanups and bugfixes. Implement a execve that forces
546 $LIBSANDBOX in $LD_PRELOAD. We can now thus do away with the feared
547 /etc/ld.so.preload (*g*) ... Made the needed changes to sandbox.c,
548 sandbox.h and sandbox_futils.c. Rewrote the Makefile for most
549 parts; it now have an install target.
550
551 Reformat the whole thing to look somewhat like the reworked sandbox.c
552 and new sandbox.h and sandbox_futils.c from:
553
554 Brad House <brad@mainstreetsoftworks.com>.
555
556 Additional Copyrights now due to the InstallWatch code:
557
558 Copyright (C) 1998-9 Pancrazio `Ezio' de Mauro <p@demauro.net>

Properties

Name Value
svn:eol-style native
svn:keywords Author Date Id Revision

  ViewVC Help
Powered by ViewVC 1.1.20