♟ oshogbo

Sorry for keeping you waiting.

libcapsicum: add missing links

Maybe lets use cap_helpers in whole file

What you afraid of?
If you build system without capsicum/casper everything works caph_enter_casper don't fail in that case, the filearsgs_open is changed to the standard open(2) call>
Please check ot this header file: https://svnweb.freebsd.org/base/head/lib/libcasper/services/cap_fileargs/cap_fileargs.h?view=markup

iscsi: simplify the capsicumization

libcasper: do not fail if Capsicum is not avilable

strings: fix style nits

libcasper: provide compatibility with the old version of service

brandelf: capsicumize it

brandelf: fix style nits

@allanjude Would you be interested to try sandbox uudecode with fileargs?

Can we abandom this review?

I think we can close this revision because of the: https://reviews.freebsd.org/D17967

The idea looks good for me, but I'm not an expert about Makefiles so I would feel bather if @bdrewery would give a look to those changes.

Update the names in the LIMITS and EXAMPLES sections after r340363.

Add SBUG - BSD user grup from Rzeszow, Poland.

I would wait one day for @pjd

I didn't check that, but I wonder what would happen if we would past the AT_FDCWD? Which have a negative value.

s/caph_enter_capser/caph_enter_casper/g

Fix typo in the comparison.

s/caph_enter_with_casper/caph_enter_casper/

@cem, @kib, @emaste, @jilles I would like to commit it as-it-is but pjd suggested to change the name to funlinkat? After some thoughts I also think that funlinkat is a bether name 'fd' suggests that it's working on 'FILE *'. Do you agree?

wc: We should sandbox wc only if Capers is available.

head: sandbox using capsicum

wc: sandbox wc using capsicum

libcasper: introduce cap_fileargs service

head: fix style nits

libcasper: ange the name of limits in cap_dns so the intentions are obvious.

What is a point of it?
If you have a legacy mount do you want to mount it?
What about importing the pools that are missing?

bspatch: simplify capsicumization

Remove ppoll. freebsd32 doesn't define a ppoll syscall.

Regenerate after r340195.

capsicum: Add ppoll and freebsd32_ppoll to compat32.

Regenerate after r340129.

ping: simplify use of Casper

libcasper: using explicit_bzero in cap_grp service

libcasper: fix limitations in dns service

libcasper: Update example in man page to use cap_getnameinfo function.

libcasper: Document the cap_getaddrinfo and cap_getnameinfo functions

capsicum: use a new capsicum helpers in tools

Fix a recusive call introduce in the r340130.

Un-break build libexpact.

libcapsicum: Introduce caph_{rights,ioctls,fcntls}_limit

capsicum: allow ppoll(2) in capability mode

Thanks for catching that.

Add link to the setproctitle_fast function.

Wow Amezing job! Thank you for working on that!

Why don't use casper for that (e.g. cap_sysctlbyname) ?

One minor change. Besides that LGTM.

I proposed some minor changes.

@emaste The part about Casper LGTM.

oshogbo (Mariusz Zaborski)
User

Projects

User Details

Recent Activity
View All

Wed, Dec 12

Tue, Dec 11

Fri, Dec 7

Thu, Dec 6

Tue, Dec 4

Sun, Dec 2

Fri, Nov 30

Wed, Nov 21

Mon, Nov 19

Nov 18 2018

Nov 15 2018

Nov 14 2018

Nov 12 2018

Nov 7 2018

Nov 6 2018

Nov 4 2018

Oct 26 2018

Oct 24 2018

Oct 21 2018

Oct 20 2018

Oct 19 2018

Oct 17 2018

Oct 9 2018

Oct 1 2018

Sep 30 2018

Sep 14 2018

Sep 13 2018

Sep 11 2018

Sep 8 2018

Sep 6 2018

Sep 5 2018

Aug 30 2018

oshogbo (Mariusz Zaborski)User