Subject: CVS commit: basesrc/bin/systrace
To: None <source-changes@netbsd.org>
From: Niels Provos <provos@netbsd.org>
List: source-changes
Date: 10/12/2002 00:54:59
Module Name: basesrc
Committed By: provos
Date: Fri Oct 11 21:54:59 UTC 2002
Modified Files:
basesrc/bin/systrace: filter.c intercept.c intercept.h lex.l
netbsd-syscalls.c openbsd-syscalls.c parse.y systrace.1 systrace.c
systrace.h
syssrc/sys/kern: kern_systrace.c
syssrc/sys/sys: systrace.h
Log Message:
support for privilege elevation.
with privilege elevation no suid or sgid binaries are necessary any
longer. Applications can be executed completely unprivileged. Systrace
raises the privileges for a single system call depending on the
configured policy.
Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.
Approved by christos and thorpej.
To generate a diff of this commit:
cvs rdiff -r1.10 -r1.11 basesrc/bin/systrace/filter.c
cvs rdiff -r1.7 -r1.8 basesrc/bin/systrace/intercept.c \
basesrc/bin/systrace/systrace.h
cvs rdiff -r1.5 -r1.6 basesrc/bin/systrace/intercept.h
cvs rdiff -r1.4 -r1.5 basesrc/bin/systrace/lex.l \
basesrc/bin/systrace/openbsd-syscalls.c basesrc/bin/systrace/parse.y
cvs rdiff -r1.8 -r1.9 basesrc/bin/systrace/netbsd-syscalls.c
cvs rdiff -r1.13 -r1.14 basesrc/bin/systrace/systrace.1
cvs rdiff -r1.11 -r1.12 basesrc/bin/systrace/systrace.c
cvs rdiff -r1.17 -r1.18 syssrc/sys/kern/kern_systrace.c
cvs rdiff -r1.5 -r1.6 syssrc/sys/sys/systrace.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.