/[path-sandbox]/trunk/sandbox.c
Gentoo

Log of /trunk/sandbox.c

Parent Directory Parent Directory | Revision Log Revision Log



Revision 127 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Sun Jul 3 18:48:22 2005 UTC (9 years, 5 months ago) by azarah
File length: 19754 byte(s)
Diff to previous 126
Fix typo in Robin's patch.

Revision 126 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Sun Jul 3 18:46:52 2005 UTC (9 years, 5 months ago) by azarah
File length: 19753 byte(s)
Diff to previous 124
Add PREDICT items for nss-db, bug #92079.  Patch from Robin Johnson.

Revision 124 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri Jun 17 12:32:02 2005 UTC (9 years, 6 months ago) by azarah
File length: 19483 byte(s)
Diff to previous 123
Move get_sandbox_*_envvar() to sandbox_setup_environ(), as its more appropriate there.

Revision 123 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri Jun 17 12:10:14 2005 UTC (9 years, 6 months ago) by azarah
File length: 19585 byte(s)
Diff to previous 113
Remove fooling around with exit codes - we error out on presence of a log anyhow.

Revision 113 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Thu Jun 9 16:47:21 2005 UTC (9 years, 6 months ago) by azarah
File length: 19623 byte(s)
Diff to previous 108
Add hack to allow writing to /proc/self/fd (or /dev/fd), bug #91516.

Revision 108 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed Jun 8 13:52:33 2005 UTC (9 years, 6 months ago) by azarah
File length: 19610 byte(s)
Diff to previous 105
Do not abort if TMPDIR is not valid, but rather use '/tmp', bug #94360.  Also
make sure we re-export the new TMPDIR environment variable.


Revision 105 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed Jun 8 13:29:37 2005 UTC (9 years, 6 months ago) by azarah
File length: 19514 byte(s)
Diff to previous 101
Add /dev/console to write list, bug #38588.

Revision 101 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri May 13 15:23:28 2005 UTC (9 years, 7 months ago) by azarah
File length: 19501 byte(s)
Diff to previous 100
General cleanups.


Revision 100 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri May 13 14:18:05 2005 UTC (9 years, 7 months ago) by azarah
File length: 18986 byte(s)
Diff to previous 99
Various LD_PRELOAD cleanups.  Do not unset LD_PRELOAD for parent.


Revision 99 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri May 13 13:30:51 2005 UTC (9 years, 7 months ago) by azarah
File length: 18192 byte(s)
Diff to previous 98
Modify get_sandbox_pids_file(), get_sandbox_log() and get_sandbox_debug_log()
to use TMPDIR if present in environment.


Revision 98 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri May 13 12:53:15 2005 UTC (9 years, 7 months ago) by azarah
File length: 18049 byte(s)
Diff to previous 97
Remove sandbox_log_file from main() as its no longer used.


Revision 97 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Fri May 13 12:52:10 2005 UTC (9 years, 7 months ago) by azarah
File length: 18103 byte(s)
Diff to previous 96
Add get_sandbox_debug_log(), and use it (add behaviour similar to SANDBOX_LOG
if already exported when sandbox started).  Fix get_sandbox_log() and new
get_sandbox_debug_log() to not use already exported environment variables if
they have '/' in them.  Use snprintf()'s instead of strncpy()'s.  More
SB_PATH_MAX fixes.


Revision 96 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Thu May 12 01:08:20 2005 UTC (9 years, 7 months ago) by azarah
File length: 18438 byte(s)
Diff to previous 93
Add comments about memory we do not free at the moment.


Revision 93 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Thu May 12 00:07:21 2005 UTC (9 years, 7 months ago) by azarah
File length: 17946 byte(s)
Diff to previous 91
More path limit fixes.  Declare SB_BUF_LEN global and use it where needed.


Revision 91 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 23:35:14 2005 UTC (9 years, 7 months ago) by azarah
File length: 17924 byte(s)
Diff to previous 90
Set SANDBOX_ON *before* doing the child's env stuff, else its not set
for the child.


Revision 90 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 23:28:42 2005 UTC (9 years, 7 months ago) by azarah
File length: 17815 byte(s)
Diff to previous 89
Remove global preload_adaptable as it is no longer used.


Revision 89 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 23:23:07 2005 UTC (9 years, 7 months ago) by azarah
File length: 17890 byte(s)
Diff to previous 88
Rewrite environment stuff to only be set when execve'ing the child process
to try and avoid issues like bug #91541 that causes sandbox to crash if
we set LD_PRELOAD sandbox side already.


Revision 88 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:52:08 2005 UTC (9 years, 7 months ago) by azarah
File length: 15932 byte(s)
Diff to previous 87
Move print_sandbox_log() up to make things neater.


Revision 87 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:48:18 2005 UTC (9 years, 7 months ago) by azarah
File length: 15932 byte(s)
Diff to previous 86
Remove load_preload_libs(), as its not used anymore.


Revision 86 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:42:45 2005 UTC (9 years, 7 months ago) by azarah
File length: 17240 byte(s)
Diff to previous 85
Remove NO_FORK stuff, as its not used, and 'strace -f' works just fine.


Revision 85 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:40:51 2005 UTC (9 years, 7 months ago) by azarah
File length: 17285 byte(s)
Diff to previous 84
Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use (continued).


Revision 84 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:39:13 2005 UTC (9 years, 7 months ago) by azarah
File length: 17296 byte(s)
Diff to previous 83
Remove USE_SYSTEM_SHELL stuff, as it is not secure, and not in use.


Revision 83 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 11 15:36:36 2005 UTC (9 years, 7 months ago) by azarah
File length: 17823 byte(s)
Diff to previous 78
Remove ld.so.preload crap - we are not going to use it again.


Revision 78 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Tue May 10 07:08:21 2005 UTC (9 years, 7 months ago) by azarah
File length: 21582 byte(s)
Diff to previous 77
Do not use LD_PRELOAD if it contains libtsocks.so, as it breaks sandbox
for some odd reason, bug #91541.


Revision 77 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Mon May 9 18:00:45 2005 UTC (9 years, 7 months ago) by azarah
File length: 21385 byte(s)
Diff to previous 71
Fix typo (sizeof -> strlen).


Revision 71 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed May 4 14:46:50 2005 UTC (9 years, 7 months ago) by azarah
File length: 21385 byte(s)
Diff to previous 70
Do not reset already set LD_PRELOAD when starting sandbox.  If LD_PRELOAD is
already set, init of the env vars fails for some reason, so do this later on,
and do not warn (bug #91431).


Revision 70 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Tue May 3 21:43:50 2005 UTC (9 years, 7 months ago) by azarah
File length: 20926 byte(s)
Diff to previous 65
Fixup sandbox and sandbox.bashrc to call bash with the proper .bashrc.


Revision 65 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Tue May 3 09:59:26 2005 UTC (9 years, 7 months ago) by azarah
File length: 20881 byte(s)
Diff to previous 35
Add /dev/pty to default write list.  Noticed by Morfic.


Revision 35 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Sun Mar 13 23:23:00 2005 UTC (9 years, 9 months ago) by azarah
File length: 20872 byte(s)
Diff to previous 34
Fixup the constructor/destructor function names again (they should be _init()
and _fini() it seems, and not being called caused sandbox_lib_path to be
unset, and thus breaking the execve() wrapper's LD_PRELOAD protection).
Add both the path in given SANDBOX_x variable, as well as its symlink
resolved path in init_env_entries().  Modify filter_path() to be able to
resolve paths without resolving symlinks, as well as to be able to resolve
symlinks.  Fix a possible segfault in check_access().  Add symlink resolving
to check_access() resolving bug #31019.  Add 'hack' for unlink, as the fix
for bug #31019 cause access violations if we try to remove a symlink that is
not in protected path, but points to a protected path.  Fix a memory leak in
sandbox.c (sandbox_pids_file in main()).  Fix the realpath() calls in main()
(sandbox.c) being unchecked.  Fix the debug logname not having the pid in it
(pid_string was uninitialized).  General syntax cleanups.


Revision 34 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed Mar 9 07:39:50 2005 UTC (9 years, 9 months ago) by ferringb
File length: 20848 byte(s)
Diff to previous 30
happy output time.
missing new line.


Revision 30 - (view) (download) (as text) (annotate) - [select for diffs]
Modified Wed Mar 2 09:04:45 2005 UTC (9 years, 9 months ago) by azarah
File length: 20846 byte(s)
Diff to previous 2
White space fixes.


Revision 2 - (view) (download) (as text) (annotate) - [select for diffs]
Added Fri Nov 19 22:03:42 2004 UTC (10 years, 1 month ago) by ferringb
File length: 21028 byte(s)
Initial revision


This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.

  Diffs between and
  Type of Diff should be a

Sticky Revision:
(Current path doesn't exist after revision 177)

  ViewVC Help
Powered by ViewVC 1.1.20