Using more idiomatic caph_limit_stderr(3) and caph_limit_stdout(3) in this instance instead of calls to caph_rights_limit(3).
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
May 25 2019
STDOUT_FILENO and STDERR_FILENO are given CAP_WRITE, and not given the extra capabilities needed by STDIN_FILENO and file arguments to tail(1).
May 24 2019
Nov 13 2018
Oct 6 2018
Oct 5 2018
I would strongly recommend submitting the sshbuf_{get,put,free}_passwd() part of this patch upstream.
Sep 13 2018
Fixed code style issues
Sep 12 2018
Looks great to me.
Fixed commented issues.
Functionality looks good to me. Some minor style suggestions follow.
Created D17128 for OpenSSH-7.8p1.
Sep 11 2018
In D17056#364904, @naito.yuichiro_gmail.com wrote:I found one problem that sshd fails to reverse resolve hostname if server is set UseDNS yes .
I see that r338561 commit updates openssh to 7.8p1.
I'm going to update my patch for this version and create a new differential.
I found one problem that sshd fails to reverse resolve hostname if server is set UseDNS yes .
Sep 10 2018
Looks great to me, thanks. Any other reviewers want to take a pass?
Fixed code style issues and log messages.
No functional change.
Sep 8 2018
Looks great to me! All of my comments below are just style or message suggestions, nothing functional.
Sep 7 2018
How do we coordinate with upstream on this?
Fixed commented issues.
If you try this code, please be aware that you need to update libprivatessh.so.
Because I fixed buffer.c to implement functions for operating struct passwd.
Buffer related functions are written in 'buffer.c'.
Sep 6 2018
How do we coordinate with upstream on this?
Mostly looks good to me! I had a couple concerns and suggestions, see below. Thanks for the patch.
In D17056#363447, @naito.yuichiro_gmail.com wrote:Hi Conrad.
Thanks for the advice. I regenerated patch file. It seems good differential.
regenerate patch by `diff -U9999```
Hi Conrad.
Thanks for the advice. I regenerated patch file. It seems good differential.
Hi Yuichiro NAITO,
May 17 2018
May 16 2018
May 12 2018
fix RESCUE: include lib/libjail/jail.c in librescue if necessary
May 11 2018
cap_jail.c: improve allocation and error handling in service command
cap_sysctl.c: resolve names to mibs when limits are set.
- rename cap_jail_get -> cap_jail and system.cap_jail_get -> system.cap_jail
- cap_jail:
- fix copyright
- add man page
- cap_jail.c:
- style(9) changes
- use dnvlist_* in service command
- split nvlist -> iov function in two: nvl_to_iov_s is used by the service and makes sure there is space before memcpy
- jls.c: use caph_enter_casper
- cap_sysctl.c: style
- cap_sysclt.3: reference sysctl(3)
May 10 2018
WOW! Thank you for working on that!
I removed to kernel changes and used libcasper to obtain sysctl and jail_get functionality needed for jls(1).
May 5 2018
Please use libcasper(3) to obtain valid sysctl.
May 4 2018
caph_cache_catpages(3) before cap_enter(2)
May 3 2018
Apr 30 2018
connectat/bindat description updated in rS333119
Had a quick skim, but LGTM.
Apr 28 2018
Thank you, I will try to review soon and have added some other Capsicum folks.
Mar 17 2018
Oct 28 2017
Oct 12 2017
In D8753#258283, @emaste wrote:From in-person working group session, a suggestion to rename libcasper.h to libcasper.h.in and run unifdef on it during install.
% cat example.h.in // example header file #ifdef WITH_CASPER // casper version #else // non-casper version #endif % unifdef -UWITH_CASPER -o example.h example.h.in % cat example.h // example header file // non-casper version % unifdef -DWITH_CASPER -o example.h example.h.in % cat example.h // example header file // casper version
Sep 22 2017
From in-person working group session, a suggestion to rename libcasper.h to libcasper.h.in and run unifdef on it during install.
Sep 21 2017
As discussed with emaste@ I commited the changes regarding the stabilization of the ifdefs name in separate commit (r323866). This should make diff a little bit smaller.
Sep 17 2017
Aug 25 2017
Aug 16 2017
Update with -U9999.
Aug 15 2017
Would you please upload a diff with full context (-U9999)? Thanks.
Aug 10 2017
Update to new libcasper version.
Hi Guys :)
Jul 8 2017
Feb 18 2017
Jan 20 2017
Dec 16 2016
Maybe what I'm about to say is blasphemy in our circles, but it looks like this tries to solve a problem that an object oriented programming language with virtual functions (C++) could easily solve. libcasper's header file would provide declarations for abstract base classes for all sorts of handles. Then there are two implementations of these classes: one that acts as a no-op and one that is actually built on top of Capsicum. That way there is no need to resort to linker tricks.
Dec 15 2016
I don't really much like this approach, plus there is a high risk to have libcaspermock and libcasper out of sync
Dec 12 2016
The changes proposed seem ok, in so long as it addresses the regression I reported on svn-src-all@.
@ngie Thoughts? I'd like to commit this and move on to other things, so review/approval is highly appreciated.
In D8753#181465, @oshogbo wrote:The only situation I can think of where you would like to have two libraries is when you would install something from ports which you don't want to use Casper and your base system is using Casper.
The behavior of few functions are a little bit different libcasper and libcaspermock but this still could be merged somehow.
The only situation I can think of where you would like to have two libraries is when you would install something from ports which you don't want to use Casper and your base system is using Casper.
Why do we need a separate library for this? Why not just turn MK_CASPER=no into the equivalent of cap_enable() -> false?
Dec 11 2016
Example of usage: https://reviews.freebsd.org/D8754
In D8746#181220, @cem wrote:For local dotdot lookups in capsicum mode, I think it will be very easy to add some unit tests confirming correct behavior.
For local dotdot lookups in capsicum mode, I think it will be very easy to add some unit tests confirming correct behavior.