Diffusion FreeBSD src repository - subversion rS304807

Capsicumize bspatch
rS304807
Actions

Description

Capsicumize bspatch

Move all of the fopen() and open() calls to the top of main()

Restrict each FD to least privilege (read/seek only, write only, etc)

cap_enter(), and make all except the output FD read/seek only.

Reviewed by: emaste, ed, oshogbo, delphij
Approved by: so
MFC after: 3 days
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D7358

Details

Provenance

allanjude

Authored on

Reviewer

emaste

Differential Revision

D7358: Capsiciumize bspatch

Parents

rS304806: Fix an assert, it should check if, when moving from 1 l1 to 512 l2 blocks,

Branches

Unknown

Tags

Unknown

Event Timeline

allanjude committed rS304807: Capsicumize bspatch.Aug 25 2016, 3:08 PM

emaste mentioned this in D7619: bspatch: add sanity checks on sizes.Aug 25 2016, 3:53 PM

Changes (1)

Path

Size

head/

usr.bin/

bsdiff/

bspatch/

bspatch.c

rS304807

View Options

head/usr.bin/bsdiff/bspatch/bspatch.c