Up to [local] / src / usr.bin / users
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.16 / (download) - annotate - [select for diffs], Sun Dec 4 23:50:48 2022 UTC (18 months ago) by cheloha
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
HEAD
Changes since 1.15: +1 -2 lines
Diff to previous 1.15 (colored) to selected 1.8 (colored)
userspace: remove vestigial '?' cases from top-level getopt(3) loops getopt(3) returns '?' when it encounters a flag not present in the in the optstring or if a flag is missing its option argument. We can handle this case with the "default" failure case with no loss of legibility. Hence, remove all the redundant "case '?':" lines. Prompted by dlg@. With help from dlg@ and millert@. Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2 ok naddy@ millert@ dlg@
Revision 1.15 / (download) - annotate - [select for diffs], Mon Jul 12 15:09:20 2021 UTC (2 years, 10 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored) to selected 1.8 (colored)
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion. Work done and verified by Ashton Fagg <ashton@fagg.id.au> ok deraadt@ semarie@ claudio@
Revision 1.14 / (download) - annotate - [select for diffs], Fri Aug 3 16:02:53 2018 UTC (5 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.13: +3 -1 lines
Diff to previous 1.13 (colored) to selected 1.8 (colored)
unveil _PATH_UTMP at startup. Time for a commentary: There is a TOCTOU between unveil() and open() which should always be considered, since a path is being supplied twice to the kernel. First unveil()s define which paths remain in scope, then secondly open()s try to access paths in scope. The unveil() generates a vnode reservation against the final path resolution (including symbolic link collapse). Before the open() occurs, root could replace the path with symbolic traversal pointing elsewhere. Then open() will traverse a path which fails to discover the reserved vnode, and thus fail with ENOENT. The TOCTOU sequence doesn't succeed against the new path, it *always fails*. (Unless the symlink resolves to another unveil'd vnode object, but that is not new behaviour). So once a process is running with veiled filesystem view, we can consider such a symlink change action as PERMANENTLY visible to this process and correctly contained to the scoped view, rather than the previous behaviour of being TRANSIENT and global in view. So this is not a real race, security implications will be narrow, and generally the old symlink-race case is the less secure. When we add this unveil+open TOCTOU scenario to a program, we should consider who can perform such a symlink snap, and whether behaviour change to the program is more disruptive than the risks prevented through filesystem hiding. How does a program behave if a file disappears due to active interference? Are users (and scripts) used to operating in a racey best-effort way, and is the additional strictness strangling their freedom to run shitty stuff? A few general rules for base programs can avoid problems in this area: don't en masse unveil argv[], then process argv[] in a second phase. Don't unveil args which get placed into TZ, TERM, and some other environment variables, unless you completely understand what libc is doing.
Revision 1.13 / (download) - annotate - [select for diffs], Fri Oct 9 01:37:09 2015 UTC (8 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored) to selected 1.8 (colored)
Change all tame callers to namechange to pledge(2).
Revision 1.12 / (download) - annotate - [select for diffs], Wed Oct 7 14:35:19 2015 UTC (8 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.11: +4 -1 lines
Diff to previous 1.11 (colored) to selected 1.8 (colored)
tame "stdio rpath". no uid/user resolution happening here.
Revision 1.11 / (download) - annotate - [select for diffs], Wed Oct 8 04:11:28 2014 UTC (9 years, 8 months ago) by doug
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored) to selected 1.8 (colored)
userland reallocarray audit. Replace malloc() and realloc() calls that may have integer overflow in the multiplication of the size argument with reallocarray(). ok deraadt@
Revision 1.10 / (download) - annotate - [select for diffs], Fri Nov 15 22:20:04 2013 UTC (10 years, 6 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.9: +5 -3 lines
Diff to previous 1.9 (colored) to selected 1.8 (colored)
Include unistd.h as it is the standard location for getopt().
Revision 1.9 / (download) - annotate - [select for diffs], Tue Oct 27 23:59:46 2009 UTC (14 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.8: +1 -14 lines
Diff to previous 1.8 (colored)
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
Revision 1.8 / (download) - annotate - [selected], Thu Oct 16 16:57:37 2003 UTC (20 years, 7 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8,
OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6,
OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.7: +10 -6 lines
Diff to previous 1.7 (colored)
better realloc. ok deraadt@
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jun 3 02:56:21 2003 UTC (21 years ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.6: +3 -7 lines
Diff to previous 1.6 (colored) to selected 1.8 (colored)
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
Revision 1.6 / (download) - annotate - [select for diffs], Tue Sep 17 19:37:40 2002 UTC (21 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3,
OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.5: +4 -7 lines
Diff to previous 1.5 (colored) to selected 1.8 (colored)
ansi
Revision 1.5 / (download) - annotate - [select for diffs], Sat Feb 16 21:27:56 2002 UTC (22 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored) to selected 1.8 (colored)
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
Revision 1.4 / (download) - annotate - [select for diffs], Mon Nov 19 19:02:17 2001 UTC (22 years, 6 months ago) by mpech
Branch: MAIN
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored) to selected 1.8 (colored)
kill more registers millert@ ok
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jan 15 23:43:30 1997 UTC (27 years, 5 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE,
OPENBSD_3_0,
OPENBSD_2_9_BASE,
OPENBSD_2_9,
OPENBSD_2_8_BASE,
OPENBSD_2_8,
OPENBSD_2_7_BASE,
OPENBSD_2_7,
OPENBSD_2_6_BASE,
OPENBSD_2_6,
OPENBSD_2_5_BASE,
OPENBSD_2_5,
OPENBSD_2_4_BASE,
OPENBSD_2_4,
OPENBSD_2_3_BASE,
OPENBSD_2_3,
OPENBSD_2_2_BASE,
OPENBSD_2_2,
OPENBSD_2_1_BASE,
OPENBSD_2_1
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored) to selected 1.8 (colored)
getopt(3) returns -1 when out of args, not EOF, whee!
Revision 1.2 / (download) - annotate - [select for diffs], Wed Jun 26 05:42:20 1996 UTC (27 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_0_BASE,
OPENBSD_2_0
Changes since 1.1: +2 -1 lines
Diff to previous 1.1 (colored) to selected 1.8 (colored)
rcsid
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 18 08:46:31 1995 UTC (28 years, 7 months ago) by deraadt
CVS Tags: netbsd_1_1
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored) to selected 1.8 (colored)
initial import of NetBSD tree
Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 18 08:46:31 1995 UTC (28 years, 7 months ago) by deraadt
Branch: MAIN
Diff to selected 1.8 (colored)
Initial revision