| /[path-sandbox]/trunk/ChangeLog |
Revision Log
Revert 64bit arch test, as we should build the 32bit version without full path checking as well, and add --enable-multilib switch to configure.
Update contact email. Fix quoting.
Detect if we are on 64bit arch automatically.
Sandbox 1.2.14 release.
Make sure we use our bashrc.
Rather check SANDBOX_ACTIVE if we are already running. Set SANDBOX_ACTIVE to readonly in sandbox.bashrc.
Cleanup environ variables.
Check generic getcwd()'s return as well for validity, bug #101728.
Do not pass mode to true_open and true_open64 if not needed. Should fix a segfault in some cases.
Fix wrong version number.
Release sandbox-1.2.13.
Make libsb_fini() do cleanup a bit more complete just in case we get another uClibc 'call preloaded library fini before that of app' issue ... probably will not help much, but we try.
Do not handle adding working directory to SANDBOX_WRITE, as portage does it itself.
Also allow symlink() system call to operate on a symlink in a writable path that points to non-writable path, bug #104711.
Release sandbox-1.2.12.
Improve error handling for get_sandbox_*_envvar() functions.
Remove the tmp_dir variable - we do not need it.
If we are called from the command line, do not care about PORTAGE_TMPDIR, and make the current directory the work directory. Also rename the variable portage_tmp_dir to work_dir.
Do not give an access violation if the access() system call does not have write/read access - it does not actually modify, so we only need to return not being able to write/read. Noted by Andres Loeh <kosmikus@gentoo.org>, bug #101433.
Add /dev/tts to write permit, bug #42809.
Add support for SANDBOX_VERBOSE (enabled by default). Adjust SANDBOX_DEBUG to only enable if equal to 1 or yes.
Still do normal log if debugging is requested.
Do not resolve symlinks in PORTAGE_TMPDIR in sandbox .. we will handle that in libsandbox .. bug #100309.
Print all logging to stderr, bug #90343, comment #15, by Zac Medico.
Release sandbox-1.2.11.
Fix getcwd, bug #98419.
Fix compile error with previous change, and return rather than exit().
Remove old logs if present and conflicting with current.
Try to cleanup and make error handling/printing consistent.
Cleanup access/log printing. Make access printing honour NOCOLOR. Fix log printing's last line not honouring NOCOLOR.
Only declare functions in sandbox_futils.c that are used in libsandbox.c when OUTSIDE_LIBSANDBOX is not defined.
Remove unused includes and variables.
Remove sandbox_dir and co - we are not using it anymore.
Redo the interface of the get_* functions so that we do not leak memory.
Major cleanup of sandbox_futils.c. Removed most of the functions as we now write to /var/log/sandbox/, so in theory do not need all that.
Fix possible segfault in env init code.
Cleanup init_env_entries() and check_prefixes().
Add check_prefixes() with major cleanup on check_access().
Clean up logging in libsandbox.c, and hopefully make it more consistent.
Change log dir to /var/log/sandbox/. Make sure the sandboxed process cannot write to it.
Remove unused 'pids file' code.
* sandbox-1.2.10
Add PREDICT items for nss-db, bug #92079. Patch from Robin Johnson.
Move get_sandbox_*_envvar() to sandbox_setup_environ(), as it's more appropriate there.
Remove fooling around with exit codes - we error out on presence of a log anyhow.
Cleanup the fail_nametoolong stuff a bit more.
Remove hopefully the last ld.so.preload bits we do not use anymore.
Remove the unneeded canonicalize() calls in the wrappers - we do it anyhow in check_syscall(). Should speed things up a bit (at least for the getcwd() and long path name test it goes down to under a second, and not 10+ seconds like before). Also warn if we skip checking due to the canonicalized path being too long.
More comment/readability cleanups
Some strncpy/strncat and other cleanups.
* sandbox-1.2.9
Move symlink hack down a bit to try and minimize on the amount of lstat() calls we do.
Add hack to allow writing to /proc/self/fd (or /dev/fd), bug #91516.
Add wrapper for access() function, bug #85413.
Use generic getcwd() implementation from uclibc - should be more portable and looks a bit cleaner.
Make sure our true_* pointers are initialized to NULL, and that we check for all references that they are valid.
By default we will fail if the path name we try to canonicalize is too long. This however could cause issues with some things (bug #94630 and #21766), so if fail_nametoolong == 0, canonicalize() will return a null length string and not fail.
Do not abort if TMPDIR is not valid, but rather use '/tmp', bug #94360. Also make sure we re-export the new TMPDIR environment variable.
Fix incorrect free of non-malloc'd array, bug #92313 and #94020. Fix noted by Marcus D. Hanwell <cryos@gentoo.org>.
Add /dev/console to write list, bug #38588.
* sandbox-1.2.8
General cleanups.
Various LD_PRELOAD cleanups. Do not unset LD_PRELOAD for parent.
Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log() to use TMPDIR if present in environment.
Remove sandbox_log_file from main() as it's no longer used.
Add get_sandbox_debug_log(), and use it (add behaviour similar to SANDBOX_LOG if already exported when sandbox started). Fix get_sandbox_log() and new get_sandbox_debug_log() to not use already exported environment variables if they have '/' in them. Use snprintf()'s instead of strncpy()'s. More SB_PATH_MAX fixes.
* sandbox-1.2.7
More path limit fixes. Declare SB_BUF_LEN global and use it where needed.
Fix paths limited to 255 chars. Fix get_sandbox_dir() returning a string with '(null)' in it if we did not call sandbox with absolute path.
Set SANDBOX_ON *before* doing the child's env stuff, else it's not set for the child.
Remove global preload_adaptable as it is no longer used.
Rewrite environment stuff to only be set when execve'ing the child process to try and avoid issues like bug #91541 that causes sandbox to crash if we set LD_PRELOAD sandbox side already.
Move print_sandbox_log() up to make things neater.
Remove load_preload_libs(), as it's not used anymore.
Remove NO_FORK stuff, as it's not used, and 'strace -f' works just fine.
Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use.
Remove ld.so.preload crap - we are not going to use it again.
Fix typo in code that checks if we got valid group information, causing a segmentation fault, bug #91637.
* sandbox-1.2.6
Do not use LD_PRELOAD if it contains libtsocks.so, as it breaks sandbox for some odd reason, bug #91541.
Fix typo (sizeof -> strlen).
rewrote sbcontext caching so it accounts for env changes since lib initialization.
We create libctest.c via configure, so no need to keep it around. Do some cleanup related to libctest.c and libctest during configure.
Add rename support of symlinks pointing to protected files/directories.
* sandbox-1.2.5
Do not reset already set LD_PRELOAD when starting sandbox. If LD_PRELOAD is already set, init of the env vars fails for some reason, so do this later on, and do not warn (bug #91431).
Fixup sandbox and sandbox.bashrc to call bash with the proper .bashrc.
* sandbox-1.2.4
Add bug # for previous change.
Do not init the env entries with each call, as it creates too many calls to lstat, etc. Should speedup things a bit.
Add /dev/pty to default write list. Noticed by Morfic.
dlvsym doesn't exist in uClibc
sandbox-1.2.3
Do not check for (*&#$(* CXX or F77.
Do not append '/' to pathname in filter_path() if it already ends with it.
fix cross-compiling and uclibc and all that jazz
* sandbox-1.2.2
Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm have issues; bug #90592.
Add sandbox-1.2 release comment to ChangeLog
sandbox-1.2.1
Make sure all functions used in libsandbox.c are declared static. Define SB_STATIC in localdecls.h for this. Include sandbox_futils.c rather than linking with its object. Hopefully this will fix bug #90153.
Allow lchown a symlink in write-allowed path pointing to write-denied target.
show resolved symlinks in log
Seems -nostdlib was the problem with the constructor/destructor - remove it from Makefile.am, and change the constructor/destructor names again.
Also rename the _init() and _fini() declarations.
Fixup the constructor/destructor function names again (they should be _init() and _fini() it seems, and not being called caused sandbox_lib_path to be unset, and thus breaking the execve() wrapper's LD_PRELOAD protection). Add both the path in given SANDBOX_x variable, as well as its symlink resolved path in init_env_entries(). Modify filter_path() to be able to resolve paths without resolving symlinks, as well as to be able to resolve symlinks. Fix a possible segfault in check_access(). Add symlink resolving to check_access() resolving bug #31019. Add 'hack' for unlink, as the fix for bug #31019 causes access violations if we try to remove a symlink that is not in protected path, but points to a protected path. Fix a memory leak in sandbox.c (sandbox_pids_file in main()). Fix the realpath() calls in main() (sandbox.c) being unchecked. Fix the debug logname not having the pid in it (pid_string was uninitialized). General syntax cleanups.
happy output time. missing new line.
correct symbols.h building when libdir !+ "/lib"
Hack to make sure sandboxed process cannot remove a device node, bug #79836.
Fix symbols.in not added to dist.
White space fixes.
Fix inverse test logic in canonicalize.c, use a strncpy. Fix gcc warning in getcwd.c. Add symbols.in and logic to Makefile.am to generate symbol versions for glibc and other libc's that use this. Update libsandbox.c to use these symbol versions if available. Fix exec wrapper to re-export LD_PRELOAD if the process unset it.
killed off _init and _fini in favor of void __attribute__ ((constructor)) init_func and void __attribute__ ((destructor)) closing_func. _(init|func) were deprecated.
hopefully cvs is done being stupid. Compilation fixes, along w/ make dist fix.
should make things compile again
stupid libtool.
corrections to remove hardcoded paths.
removed the /usr/lib/portage/ hardcoded reference for bashrc.
entry regarding cvs shift, and the beast being autotooled.
Initial revision