Page MenuHomeFreeBSD
Differential D9046

Capsicum: add capability mode to users binary
ClosedPublic
Actions

Authored by tyler_tysdomain.com on Jan 5 2017, 4:51 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Mar 22, 3:40 PM
Unknown Object (File)
Jan 13 2024, 7:06 PM
Unknown Object (File)
Jan 6 2024, 8:03 AM
Unknown Object (File)
Jan 6 2024, 8:03 AM
Unknown Object (File)
Jan 6 2024, 8:03 AM
Unknown Object (File)
Jan 6 2024, 8:03 AM
Unknown Object (File)
Jan 6 2024, 7:50 AM
Unknown Object (File)
Dec 22 2023, 4:22 PM
View All 43 Files
Subscribers
imp

Details

Reviewers
emaste
cem
allanjude
jonathan
sson
oshogbo
Commits
rS330464: MFC r311581:
rS311581: Capsicum: add capability mode to users binary
Summary

This patch adds capsicum support to the users binary.

Test Plan

Run users with no arguments, works well.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

tyler_tysdomain.com updated this revision to Diff 23613.Jan 5 2017, 4:51 AM
tyler_tysdomain.com retitled this revision from to Capsicum: add capability mode to users binary.
tyler_tysdomain.com updated this object.
tyler_tysdomain.com edited the test plan for this revision. (Show Details)
tyler_tysdomain.com added reviewers: oshogbo, allanjude, sson, emaste, jonathan.
Herald added a subscriber: imp. · View Herald TranscriptJan 5 2017, 4:51 AM
allanjude added a reviewer: cem.Jan 5 2017, 4:58 AM
cem added inline comments.Jan 5 2017, 5:13 AM
usr.bin/users/users.cc
56 ↗(On Diff #23613)

Does this need to include errno.h to compile?

tyler_tysdomain.com added a comment.Jan 5 2017, 5:23 AM

Does this need to include errno.h to compile?

It compiles without, but you're right in that it should. The only reason it does compile is that some header somewhere also includes errno.h

tyler_tysdomain.com updated this revision to Diff 23614.Jan 5 2017, 5:29 AM
  1. Updating D9046: Capsicum: add capability mode to users binary #
  2. Enter a brief description of the changes included in this update.
  3. The first line is used as subject, next lines as comment. #
  4. If you intended to create a new revision, use:
  5. $ arc diff --create

Updated to include extra err.h and errno.h

cem accepted this revision.Jan 5 2017, 5:31 AM
cem edited edge metadata.
This revision is now accepted and ready to land.Jan 5 2017, 5:31 AM
oshogbo accepted this revision.Jan 5 2017, 11:16 AM
oshogbo edited edge metadata.

It's look good with me.
To be super precise we could consider limiting standard descriptors (std{in, out, err}).

emaste edited edge metadata.Jan 6 2017, 3:05 AM
In D9046#186953, @oshogbo wrote:

It's look good with me.
To be super precise we could consider limiting standard descriptors (std{in, out, err}).

This is a valid point, but I'm willing to trade off simplicity and smaller changes against precisely limiting stdio on trivial utilities like this.

Closed by commit rS311581: Capsicum: add capability mode to users binary (authored by allanjude). · Explain WhyJan 7 2017, 4:57 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
usr.bin/
users/
7 lines

Diff 23698

View Options

head/usr.bin/users/users.cc

Loading...