version 1.58, 2016/03/06 08:43:00 |
version 1.59, 2016/03/06 10:50:10 |
|
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pledge">pledge(2)</a> |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pledge">pledge(2)</a> |
support integrated: |
support integrated: |
<ul> |
<ul> |
<li>tame(2) system call renamed to pledge(2). |
<li>The tame(2) system call was renamed to pledge(2). |
<li>Many behaviours/semantics extended and refined. |
Behavior and semantics were extended and refined. |
<li>453 out of 707 base system binaries adapted to use pledge. |
<li>453 out of 707 base system binaries were adapted to use pledge. |
<li>14 ports adapted to use pledge (some decompression tools, mutt, |
<li>14 ports now use pledge(2): some decompression tools, mutt, |
some pdf tools, chromium/iridium, and the i3 window manager). |
some pdf tools, chromium/iridium, and the i3 window manager. |
<li>Several bugs exposed by pledge(2) have been corrected, for example in |
<li>Various bugs exposed by pledge(2) were corrected. |
|
For example in |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bgpd/bgpd.c?rev=1.181&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bgpd/bgpd.c?rev=1.181&content-type=text/x-cvsweb-markup"> |
bgpd(8)</a>, |
bgpd(8)</a>, |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin/iked/config.c?rev=1.40&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin/iked/config.c?rev=1.40&content-type=text/x-cvsweb-markup"> |
|
|
ntpd(8)</a>, |
ntpd(8)</a>, |
and <a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/syslogd/syslogd.c?rev=1.200&content-type=text/x-cvsweb-markup"> |
and <a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/syslogd/syslogd.c?rev=1.200&content-type=text/x-cvsweb-markup"> |
syslogd(8)</a>. |
syslogd(8)</a>. |
<li>Several misguided "features" have been removed, such as |
<li>Several misfeatures were removed, such as: |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/asr/asr.c?rev=1.50&content-type=text/x-cvsweb-markup"> |
<ul> |
support for HOSTALIASES from the resolver</a>, |
<li><a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/asr/asr.c?rev=1.50&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/asr/asr.c?rev=1.49&content-type=text/x-cvsweb-markup"> |
support for HOSTALIASES</a> |
support for "lookup yp" in /etc/resolv.conf</a>, |
in the |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/binutils-2.17/binutils/rename.c?rev=1.2&content-type=text/x-cvsweb-markup"> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=asr_run"> |
setuid-preserving code in binutils tools</a> or |
resolver</a>. |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/patch/ed.c?rev=1.1&content-type=text/x-cvsweb-markup"> |
<li><a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/asr/asr.c?rev=1.49&content-type=text/x-cvsweb-markup"> |
ed-style diffs via proc/exec in patch(1)</a>. |
support for <tt>lookup yp</tt></a> |
<li>A somewhat intensive audit of userland program so that they could be |
in |
properly annotated with pledge(2) was done, resulting in some design |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=resolv.conf"> |
changes such as in |
resolv.conf(5)</a>. |
|
<li><a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/binutils-2.17/binutils/rename.c?rev=1.2&content-type=text/x-cvsweb-markup"> |
|
setuid-preserving code</a> |
|
in tools from binutils. |
|
<li>handling of |
|
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/patch/ed.c?rev=1.1&content-type=text/x-cvsweb-markup"> |
|
ed-style diffs</a> via proc/exec in |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=patch">patch(1)</a>. |
|
</ul> |
|
<li>Userland programs were audited so that they could be properly annotated |
|
with pledge(2). |
|
This resulted in design changes such as in |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/rdate/rdate.c?rev=1.33&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/rdate/rdate.c?rev=1.33&content-type=text/x-cvsweb-markup"> |
rdate(1)</a>, |
rdate(1)</a>, |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/sndiod/sndiod.c?rev=1.18&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/sndiod/sndiod.c?rev=1.18&content-type=text/x-cvsweb-markup"> |
sndiod(8)</a> |
sndiod(8)</a> |
or the introduction of <tt>SOCK_DNS</tt> |
or the introduction of the <tt>SOCK_DNS</tt> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=socket"> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=socket"> |
socket(2)</a> |
socket(2)</a> |
flag that makes an <tt>SS_DNS</tt> tagged socket conceptually different |
flag that makes an <tt>SS_DNS</tt> tagged socket conceptually different |
from a plain socket. |
from a plain socket. |
<li>It also has been used to constrain programs to a more limited POSIX |
<li>pledge(2) is also used to constrain programs that handle untrusted data |
subset, such as some |
to a very limited subset of POSIX. |
|
For example, |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strings">strings(1)</a> |
|
or |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=objdump">objdump(1)</a> |
|
from the |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/binutils-2.17/binutils/objdump.c?rev=1.2&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/binutils-2.17/binutils/objdump.c?rev=1.2&content-type=text/x-cvsweb-markup"> |
binutils</a> |
binutils</a> |
tools that handle untrusted data |
|
(<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=strings">strings(1)</a>, |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=objdump">objdump(1)</a>, ...), |
|
or the RSA-privsep process in |
or the RSA-privsep process in |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/ca.c?rev=1.15&content-type=text/x-cvsweb-markup"> |
<a href="http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/ca.c?rev=1.15&content-type=text/x-cvsweb-markup"> |
smtpd(1)</a>. |
smtpd(1)</a>. |