Date: Thu, 14 Feb 2013 00:03:54 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: freebsd-arch@FreeBSD.org Subject: bindat(2) and connectat(2) syscalls for review. Message-ID: <20130213230354.GC1375@garage.freebsd.pl>
next in thread | raw e-mail | index | archive | help
--f0KYrhQ4vYSV2aJu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. I'd like to commit the following patch: http://people.freebsd.org/~pjd/patches/bindconnectat.patch It implements bindat(2) and connectat(2) syscalls that will allow to manage UNIX domain sockets from within capability mode sandbox. They work just like any other *at(2) syscall and their prototypes look like this: int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen); int connectat(int fd, int s, const struct sockaddr *addr, socklen_t addrle= n); Where 'fd' is directory descriptor. The only supported socket domain is PF_LOCAL. The audit subsystem was updated to audit the new syscalls properly. Comments and reviews are welcome. --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --f0KYrhQ4vYSV2aJu Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlEcG9oACgkQForvXbEpPzSafwCeJt4l+7hgI+/vcOVGHc+IcFLK 0+UAniSVf8RM8oduMjxkhLiUy+A48/4U =D1Fx -----END PGP SIGNATURE----- --f0KYrhQ4vYSV2aJu--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130213230354.GC1375>