summaryrefslogtreecommitdiffstats
path: root/sys/kern/kern_prot.c
Commit message (Collapse)AuthorAgeFilesLines
...
* add #include <sys/kernel.h> where it's needed by MALLOC_DEFINE()peter1998-11-101-1/+2
|
* If the session leader dies, s_leader is set to NULL and getsid() maytruckman1998-11-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | dereference a NULL pointer, causing a panic. Instead of following s_leader to find the session id, store it in the session structure. Jukka found the following info: BTW - I just found what I have been looking for. Std 1003.1 Part 1: SYSTEM API [C LANGUAGE] section 2.2.2.80 states quite explicitly... Session lifetime: The period between when a session is created and the end of lifetime of all the process groups that remain as members of the session. So, this quite clearly tells that while there is any single process in any process group which is a member of the session, the session remains as an independent entity. Reviewed by: peter Submitted by: "Jukka A. Ukkonen" <jau@jau.tmt.tele.fi>
* 64bit fixes: use size_t not u_int for sizes.dfr1998-06-101-2/+2
|
* Clear the p_stops field on change of user/group id, unless the correctsef1997-12-201-16/+26
| | | | | | | | | flag is set in the p_pfsflags field. This, essentially, prevents an SUID proram from hanging after being traced. (E.g., "truss /usr/bin/rlogin" would fail, but leave rlogin in a stopevent state.) Yet another case where procctl is (hopefully ;)) no longer needed in the general case. Reviewed by: bde (thanks bruce :))
* Make COMPAT_43 and COMPAT_SUNOS new-style options.eivind1997-12-161-1/+3
|
* Move the "retval" (3rd) parameter from all syscall functions and putphk1997-11-061-60/+38
| | | | | | | | | | | | it in struct proc instead. This fixes a boatload of compiler warning, and removes a lot of cruft from the sources. I have not removed the /*ARGSUSED*/, they will require some looking at. libkvm, ps and other userland struct proc frobbing programs will need recompiled.
* Killed non-sensical call to splimp/splx in crfree().dg1997-10-171-5/+1
|
* Last major round (Unless Bruce thinks of somthing :-) of malloc changes.phk1997-10-121-1/+3
| | | | | | | | Distribute all but the most fundamental malloc types. This time I also remembered the trick to making things static: Put "static" in front of them. A couple of finer points by: bde
* Implement XPG/SYSV-style getpgid()/getsid() syscalls. getpgid() uses thepeter1997-08-191-1/+50
| | | | | | same syscall number as NetBSD/OpenBSD. The getpgid() came from NetBSD (I think) originally, but it's basically cut/paste/edit from the other simple get*() syscalls.
* Removed unused #includes.bde1997-08-021-4/+1
|
* Don't incorrectly set P_SUGID in setre[ug]id() for no reason, as noticedpeter1997-04-021-5/+9
| | | | | | | by bde. Don't return EPERM in setre[ug]id() just because the caller passes in the current effective id in the second arg (ie: no change), as suggested by ache.
* Implement code for an OpenBSD-style issetuigid().peter1997-03-311-1/+26
| | | | | | | | | | | | | | | | This is valueable for library code which needs to be able to find out whether the current process is or *was* set[ug]id at some point in the past, and may have a "tainted" execution environment. This is especially a problem with the trend to immediately revoke privs at startup and regain them for critical sections. One problem with this is that if a cracker is able to compromise the program while it's still got a saved id, the cracker can direct the program to regain the privs. Another problem is that the user may be able to affect the program in some other way (eg: setting resolver host aliases) and the library code needs to know when it should disable these sorts of features. Reviewed by: ache Inspired by: OpenBSD (but with a different implementation)
* Do not set the P_SUGID flag in seteuid()/setegid() if nothing has changed.peter1997-03-311-11/+20
| | | | | | (for supporting issetugid()) Reviewed by: ache (as was the previous commit, rev 1.29)
* Do not set the P_SUGID flag in seteuid()/setegid() if nothing has changed.peter1997-03-311-9/+15
| | | | (for supporting issetugid())
* Fully implement the clause in Appendix B.4.2.2 from Posix 1003.1peter1997-03-311-31/+132
| | | | | | | | | | | | | | | that allows traditional BSD setuid/setgid behavior. The only visible difference should be that a non-root setuid program (eg: inn's "rnews" program) that is setuid to news, can completely "become" uid news. (ie: setuid(geteuid()) This was allowed in traditional 4.2/4.3BSD and is now "blessed" by Posix as a special case of "appropriate privilige". Also, be much more careful with the P_SUGID flag so that we can use it for issetugid() - only set it if something changed. Reviewed by: ache
* Make setgroups(0, xxx) behave as it does on SYSV, namely clear the groupspeter1997-03-311-6/+20
| | | | | | | | | | | | vector except for the egid in groups[0]. There is a risk that programs that come from SYSV/Linux that expect this to work and don't check for error returns may accidently pass root's groups on to child processes. We now do what is least suprising (to non BSD programs/programmers) in this scenario, and nothing is changed for programs written with BSD groups rules in mind. Reviewed by: ache
* Oops, fix typo.ache1997-03-031-2/+2
|
* Don't copy more than MAXLOGNAME bytes in getlogin() syscall,ache1997-03-031-3/+3
| | | | it is stricter than padded s_login size check was there.
* Use MAXLOGNAME for stricter size check in setlogin() syscall instead ofache1997-03-031-3/+3
| | | | sizeof of padded s_login array
* Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are notpeter1997-02-221-1/+1
| | | | ready for it yet.
* Fix off by one error in setlogin() syscall.davidn1997-02-101-3/+6
| | | | Don't overwrite session login unless the call is going to succeed.
* Make the long-awaited change from $Id$ to $FreeBSD$jkh1997-01-141-1/+1
| | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
* Fixed setpgid(). Negative pgids were accepted.bde1996-12-191-1/+3
| | | | Found by: NIST-PCTS
* Added #include of <unistd.h> so that there is some chance thatbde1996-09-031-1/+2
| | | | | _POSIX_SAVED_IDS is defined. This feature was broken for a day or two.
* Conditionalize POSIX saved ids code on _POSIX_SAVED_IDS defineache1996-09-011-4/+22
|
* Fix a panic caused by (proc)->p_session being dereferenced for a processdg1996-05-301-2/+2
| | | | that was exiting.
* Included <sys/sysproto.h> to get central declarations for syscall argsbde1995-11-121-1/+40
| | | | | | | | | | structs and prototypes for syscalls. Ifdefed duplicated decentralized declarations of args structs. It's convenient to have this visible but they are hard to maintain. Some are already different from the central declarations. 4.4lite2 puts them in comments in the function headers but I wanted to avoid the large changes for that.
* Fixed type of setsid(). It used used the bogus `getsid_args'.bde1995-11-111-3/+3
|
* Return EINVAL if the number of groups is less than 1 in setgroups().dg1995-11-041-2/+3
| | | | Obtained from: 4.4BSD-Lite2
* Remove prototype definitions from <sys/systm.h>.swallace1995-10-081-10/+37
| | | | | | | | | | | | | | Prototypes are located in <sys/sysproto.h>. Add appropriate #include <sys/sysproto.h> to files that needed protos from systm.h. Add structure definitions to appropriate files that relied on sys/systm.h, right before system call definition, as in the rest of the kernel source. In kern_prot.c, instead of using the dummy structure "args", create individual dummy structures named <syscall>_args. This makes life easier for prototype generation.
* Optimized and simplified version of setreuid/gidache1995-06-151-34/+33
| | | | | Fixed: lack of crcopy in certain conditions, lack of setting sv[ug]id in certain conditions. Fixes non-critical.
* set[ug]id(): call suser() only when neccesarryache1995-04-291-9/+9
| | | | Submitted by: bde
* Implement POSIX SAVED_IDS for setuid/setgidache1995-04-281-10/+17
|
* setre*(): simplify return scheme, pointed by Bruceache1995-04-281-23/+19
|
* Implement setreuid/setregid according to SunOS manpageache1995-04-271-23/+41
|
* Make setreuid/setregid active syscallsache1995-04-231-5/+3
|
* Correct the type of the `acflag' arg to suser().bde1995-04-231-2/+2
|
* Added ifdef COMPAT_IBCS2 around setre[ug]id.sos1994-10-131-3/+3
|
* While in the real world, I had a bad case of being swapped out for a lot ofphk1994-09-251-7/+7
| | | | | | | | cycles. While waiting there I added a lot of the extra ()'s I have, (I have never used LISP to any extent). So I compiled the kernel with -Wall and shut up a lot of "suggest you add ()'s", removed a bunch of unused var's and added a couple of declarations here and there. Having a lap-top is highly recommended. My kernel still runs, yell at me if you kernel breaks.
* Added $Id$dg1994-08-021-0/+1
|
* The big 4.4BSD Lite to FreeBSD 2.0.0 (Development) patch.rgrimes1994-05-251-0/+22
| | | | | Reviewed by: Rodney W. Grimes Submitted by: John Dyson and David Greenman
* BSD 4.4 Lite Kernel Sourcesrgrimes1994-05-241-0/+566
OpenPOWER on IntegriCloud