Date: Mon, 4 Feb 2008 13:18:47 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134778 for review Message-ID: <200802041318.m14DIlJU079741@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=134778 Change 134778 by rwatson@rwatson_freebsd_capabilities on 2008/02/04 13:17:51 Remove fchdir(2) from set if system calls allowed in capability mode. Regenreate. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 (text+ko) ==== @@ -5,7 +5,7 @@ # - sys_exit() and close() are very important. # - Sorted alphabeetically, please keep it that way. # -# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#5 $ +# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 $ # __acl_aclcheck_fd __acl_delete_fd @@ -56,11 +56,6 @@ extattr_get_fd extattr_list_fd extattr_set_fd -# -# Possibly fchdir() should be excluded on the basis that this implies access -# to the global namespace, and isn't really useful without it. -# -fchdir fchflags fchmod fchown ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 (text+ko) ==== @@ -42,7 +42,7 @@ { AS(unlink_args), (sy_call_t *)unlink, AUE_UNLINK, NULL, 0, 0, 0 }, /* 10 = unlink */ { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 11 = obsolete execv */ { AS(chdir_args), (sy_call_t *)chdir, AUE_CHDIR, NULL, 0, 0, 0 }, /* 12 = chdir */ - { AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, SYF_CAPENABLED }, /* 13 = fchdir */ + { AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, 0 }, /* 13 = fchdir */ { AS(mknod_args), (sy_call_t *)mknod, AUE_MKNOD, NULL, 0, 0, 0 }, /* 14 = mknod */ { AS(chmod_args), (sy_call_t *)chmod, AUE_CHMOD, NULL, 0, 0, 0 }, /* 15 = chmod */ { AS(chown_args), (sy_call_t *)chown, AUE_CHOWN, NULL, 0, 0, 0 }, /* 16 = chown */ ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 (text+ko) ====
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802041318.m14DIlJU079741>