
Log of /trunk/libsandbox.c




Revision 162
Modified Mon Aug 29 15:38:02 2005 UTC (8 years, 10 months ago) by azarah
File length: 37277 byte(s)
Form cleanups.

Revision 156
Modified Fri Aug 5 13:33:54 2005 UTC (8 years, 11 months ago) by azarah
File length: 37211 byte(s)
Do not give an access violation if the access() system call does not have
write/read access - it does not actually modify, so we only need to return
not being able to write/read.  Noted by Andres Loeh <kosmikus@gentoo.org>,
bug #101433.


Revision 154
Modified Mon Aug 1 08:08:08 2005 UTC (8 years, 11 months ago) by azarah
File length: 36789 byte(s)
Add support for SANDBOX_VERBOSE (enabled by default).  Adjust SANDBOX_DEBUG
to only enable if equal to 1 or yes.


Revision 153
Modified Mon Aug 1 07:57:35 2005 UTC (8 years, 11 months ago) by azarah
File length: 36425 byte(s)
Still do normal log if debugging is requested.

Revision 145
Modified Fri Jul 8 14:52:26 2005 UTC (9 years ago) by azarah
File length: 35770 byte(s)
Try to cleanup and make error handling/printing consistent.

Revision 144
Modified Thu Jul 7 22:58:16 2005 UTC (9 years ago) by azarah
File length: 35751 byte(s)
Cleanup access/log printing.  Make access printing honour NOCOLOR.  Fix log
printing's last line not honouring NOCOLOR.


Revision 142
Modified Thu Jul 7 22:14:57 2005 UTC (9 years ago) by azarah
File length: 35762 byte(s)
Remove unused includes and variables.

Revision 140
Modified Thu Jul 7 22:01:14 2005 UTC (9 years ago) by azarah
File length: 35832 byte(s)
Redo the interface of the get_* functions so that we do not leak memory.

Revision 138
Modified Thu Jul 7 13:01:31 2005 UTC (9 years ago) by azarah
File length: 35866 byte(s)
Fix possible segfault in env init code.

Revision 137
Modified Wed Jul 6 21:33:23 2005 UTC (9 years ago) by azarah
File length: 35801 byte(s)
Cleanup init_env_entries() and check_prefixes().

Revision 136
Modified Wed Jul 6 19:41:26 2005 UTC (9 years ago) by azarah
File length: 36398 byte(s)
Add check_prefixes() with major cleanup on check_access().

Revision 135
Modified Wed Jul 6 18:40:01 2005 UTC (9 years ago) by azarah
File length: 37637 byte(s)
Clean up logging in libsandbox.c, and hopefully make it more consistent.

Revision 134
Modified Wed Jul 6 17:35:30 2005 UTC (9 years ago) by azarah
File length: 38555 byte(s)
Change log dir to /var/log/sandbox/.  Make sure the sandboxed process cannot write to it.

Revision 133
Modified Wed Jul 6 00:36:46 2005 UTC (9 years ago) by azarah
File length: 38905 byte(s)
Remove unused 'pids file' code.

Revision 132
Modified Wed Jul 6 00:12:49 2005 UTC (9 years ago) by azarah
File length: 39915 byte(s)
Remove unused variables.

Revision 122
Modified Tue Jun 14 21:59:07 2005 UTC (9 years, 1 month ago) by azarah
File length: 39958 byte(s)
Label rename for clarity.

Revision 121
Modified Tue Jun 14 21:57:00 2005 UTC (9 years, 1 month ago) by azarah
File length: 39949 byte(s)
Cleanup the fail_nametoolong stuff a bit more.

Revision 120
Modified Sat Jun 11 10:04:07 2005 UTC (9 years, 1 month ago) by azarah
File length: 41002 byte(s)
Remove hopefully the last ld.so.preload bits we do not use anymore.

Revision 119
Modified Sat Jun 11 10:01:11 2005 UTC (9 years, 1 month ago) by azarah
File length: 41103 byte(s)
Remove the unneeded canonicalize() calls in the wrappers - we do it anyhow
in check_syscall().  Should speed things up a bit (at least for the getcwd()
and long path name test it goes down to under a second, and not 10+ seconds
like before).  Also warn if we skip checking due to the canonicalized path
being too long.


Revision 118
Modified Sat Jun 11 08:54:24 2005 UTC (9 years, 1 month ago) by azarah
File length: 42100 byte(s)
More comment/readability cleanups

Revision 117
Modified Sat Jun 11 07:25:36 2005 UTC (9 years, 1 month ago) by azarah
File length: 42076 byte(s)
Some strncpy/strncat and other cleanups.

Revision 114
Modified Thu Jun 9 16:53:13 2005 UTC (9 years, 1 month ago) by azarah
File length: 42214 byte(s)
Move symlink hack down a bit to try and minimize on the amount of lstat()
calls we do.


Revision 113
Modified Thu Jun 9 16:47:21 2005 UTC (9 years, 1 month ago) by azarah
File length: 42188 byte(s)
Add hack to allow writing to /proc/self/fd (or /dev/fd), bug #91516.

Revision 112
Modified Thu Jun 9 15:47:25 2005 UTC (9 years, 1 month ago) by azarah
File length: 41813 byte(s)
Add wrapper for access() function, bug #85413.

Revision 110
Modified Thu Jun 9 14:42:11 2005 UTC (9 years, 1 month ago) by azarah
File length: 40888 byte(s)
Make sure our true_* pointers are initialized to NULL, and that we check for
all references that they are valid.


Revision 109
Modified Thu Jun 9 14:32:28 2005 UTC (9 years, 1 month ago) by azarah
File length: 40686 byte(s)
By default we will fail if the path name we try to canonicalize is too long.
This however could cause issues with some things (bug #94630 and #21766), so
if fail_nametoolong == 0, canonicalize() will return a null length string and
does not fail.


Revision 107
Modified Wed Jun 8 13:39:53 2005 UTC (9 years, 1 month ago) by azarah
File length: 39727 byte(s)
Whitespace fixes.

Revision 106
Modified Wed Jun 8 13:37:18 2005 UTC (9 years, 1 month ago) by azarah
File length: 39803 byte(s)
Fix incorrect free of non-malloc'd array, bug #92313 and #94020.  Fix noted
by Marcus D. Hanwell <cryos@gentoo.org>.


Revision 104
Modified Sun Jun 5 07:45:28 2005 UTC (9 years, 1 month ago) by vapier
File length: 39833 byte(s)
whitespace tweaks


Revision 101
Modified Fri May 13 15:23:28 2005 UTC (9 years, 2 months ago) by azarah
File length: 39843 byte(s)
General cleanups.


Revision 100
Modified Fri May 13 14:18:05 2005 UTC (9 years, 2 months ago) by azarah
File length: 39907 byte(s)
Various LD_PRELOAD cleanups.  Do not unset LD_PRELOAD for parent.


Revision 99
Modified Fri May 13 13:30:51 2005 UTC (9 years, 2 months ago) by azarah
File length: 39901 byte(s)
Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
to use TMPDIR if present in environment.


Revision 76
Modified Sun May 8 11:27:37 2005 UTC (9 years, 2 months ago) by ferringb
File length: 39826 byte(s)
rewrote sbcontext caching so it accounts for env changes since lib initialization.


Revision 74
Modified Wed May 4 15:33:47 2005 UTC (9 years, 2 months ago) by azarah
File length: 38127 byte(s)
Add rename support of symlinks pointing to protected files/directories.


Revision 71
Modified Wed May 4 14:46:50 2005 UTC (9 years, 2 months ago) by azarah
File length: 38082 byte(s)
Do not reset already set LD_PRELOAD when starting sandbox.  If LD_PRELOAD is
already set, init of the env vars fails for some reason, so do this later on,
and do not warn (bug #91431).


Revision 66
Modified Tue May 3 10:56:19 2005 UTC (9 years, 2 months ago) by azarah
File length: 38118 byte(s)
Do not init the env entries with each call, as it creates too many calls to
lstat, etc.  Should speedup things a bit.


Revision 54
Modified Thu Apr 28 22:41:57 2005 UTC (9 years, 2 months ago) by azarah
File length: 37707 byte(s)
Do not append '/' to pathname in filter_path() if it already ends with it.


Revision 47
Modified Thu Apr 28 15:49:30 2005 UTC (9 years, 2 months ago) by azarah
File length: 37648 byte(s)
Only check for /dev/{null,zero} for unlink hack, else ricers using /dev/shm
have issues; bug #90592.


Revision 43
Modified Sat Apr 23 20:44:15 2005 UTC (9 years, 3 months ago) by azarah
File length: 37594 byte(s)
Make sure all functions used in libsandbox.c are declared static.  Define
SB_STATIC in localdecls.h for this.  Include sandbox_futils.c rather than
linking with its object.  Hopefully this will fix bug #90153.


Revision 40
Modified Mon Mar 21 23:30:13 2005 UTC (9 years, 4 months ago) by azarah
File length: 37578 byte(s)
Allow lchown a symlink in write-allowed path pointing to write-denied target.


Revision 39
Modified Mon Mar 21 08:54:02 2005 UTC (9 years, 4 months ago) by genone
File length: 37531 byte(s)
show resolved symlinks in log


Revision 37
Modified Mon Mar 14 00:28:10 2005 UTC (9 years, 4 months ago) by azarah
File length: 37278 byte(s)
Seems -nostdlib was the problem with the constructor/destructor - remove it
from Makefile.am, and change the constructor/destructor names again.


Revision 36
Modified Sun Mar 13 23:29:28 2005 UTC (9 years, 4 months ago) by azarah
File length: 37496 byte(s)
Also rename the _init() and _fini() declarations.


Revision 35
Modified Sun Mar 13 23:23:00 2005 UTC (9 years, 4 months ago) by azarah
File length: 37500 byte(s)
Fixup the constructor/destructor function names again (they should be _init()
and _fini() it seems, and not being called caused sandbox_lib_path to be
unset, and thus breaking the execve() wrapper's LD_PRELOAD protection).
Add both the path in given SANDBOX_x variable, as well as its symlink
resolved path in init_env_entries().  Modify filter_path() to be able to
resolve paths without resolving symlinks, as well as to be able to resolve
symlinks.  Fix a possible segfault in check_access().  Add symlink resolving
to check_access() resolving bug #31019.  Add 'hack' for unlink, as the fix
for bug #31019 causes access violations if we try to remove a symlink that is
not in protected path, but points to a protected path.  Fix a memory leak in
sandbox.c (sandbox_pids_file in main()).  Fix the realpath() calls in main()
(sandbox.c) being unchecked.  Fix the debug logname not having the pid in it
(pid_string was uninitialized).  General syntax cleanups.


Revision 32
Modified Wed Mar 2 17:30:16 2005 UTC (9 years, 4 months ago) by azarah
File length: 32684 byte(s)
Hack to make sure sandboxed process cannot remove a device node, bug #79836.


Revision 30
Modified Wed Mar 2 09:04:45 2005 UTC (9 years, 4 months ago) by azarah
File length: 32834 byte(s)
White space fixes.


Revision 29
Modified Wed Mar 2 09:01:36 2005 UTC (9 years, 4 months ago) by azarah
File length: 33215 byte(s)
Fix inverse test logic in canonicalize.c, use a strncpy.  Fix gcc warning in
getcwd.c.  Add symbols.in and logic to Makefile.am to generate symbol versions
for glibc and other libc's that use this.  Update libsandbox.c to use these
symbol versions if available.  Fix exec wrapper to re-export LD_PRELOAD if the
process unset it.


Revision 28
Modified Wed Mar 2 05:48:12 2005 UTC (9 years, 4 months ago) by ferringb
File length: 32959 byte(s)
killed off _init and _fini in favor of
void __attribute__ ((constructor)) init_func and
void __attribute__ ((destructor)) closing_func.  _(init|func) were deprecated.


Revision 26
Modified Mon Dec 6 21:42:51 2004 UTC (9 years, 7 months ago) by ferringb
File length: 32794 byte(s)
hopefully cvs is done being stupid.  Compilation fixes, along w/ make dist fix.


Revision 25
Modified Sun Dec 5 06:14:21 2004 UTC (9 years, 7 months ago) by ferringb
File length: 32795 byte(s)
compilation fixups.


Revision 24
Modified Sun Dec 5 05:42:10 2004 UTC (9 years, 7 months ago) by ferringb
File length: 32770 byte(s)
should make things compile again


Revision 22
Modified Thu Dec 2 05:20:50 2004 UTC (9 years, 7 months ago) by vapier
File length: 32768 byte(s)
need to include config.h


Revision 2
Added Fri Nov 19 22:03:42 2004 UTC (9 years, 8 months ago) by ferringb
File length: 32748 byte(s)
Initial revision


(Current path doesn't exist after revision 177)
