#
fd5846a3 |
| 25-Feb-2024 |
deraadt <deraadt@openbsd.org> |
New accounting flag ABTCFI to indicate signal SIGILL + code ILL_BTCFI has occurred in the process. ok various people
|
#
f4577f1a |
| 19-Jan-2024 |
deraadt <deraadt@openbsd.org> |
pinsyscall(SYS_execve) will soon go away, so the sys/acct.h bit AEXECVE can also be remove. Delete the code using it from the one program that inspects it.
|
#
088ad7e5 |
| 11-Dec-2023 |
deraadt <deraadt@openbsd.org> |
Report system call pinning violations.
|
#
0a857551 |
| 21-Feb-2023 |
deraadt <deraadt@openbsd.org> |
for process kills due to execve from non-pinned syscall address, export a new AEXECVE bit to acct(4), and print it in lastcomm(8) ok bluhm
|
#
13c74f85 |
| 01-Feb-2023 |
bluhm <bluhm@openbsd.org> |
Print the pid in lastcomm(1) output for post mortem analysis. Put it in brackets after the command name, like syslogd does it in log files. A while ago the process id was added to process accountin
Print the pid in lastcomm(1) output for post mortem analysis. Put it in brackets after the command name, like syslogd does it in log files. A while ago the process id was added to process accounting in the kernel, so no ABI break this time. OK deraadt@
show more ...
|
#
d7259957 |
| 04-Dec-2022 |
cheloha <cheloha@openbsd.org> |
userspace: remove vestigial '?' cases from top-level getopt(3) loops
getopt(3) returns '?' when it encounters a flag not present in the in the optstring or if a flag is missing its option argument.
userspace: remove vestigial '?' cases from top-level getopt(3) loops
getopt(3) returns '?' when it encounters a flag not present in the in the optstring or if a flag is missing its option argument. We can handle this case with the "default" failure case with no loss of legibility. Hence, remove all the redundant "case '?':" lines.
Prompted by dlg@. With help from dlg@ and millert@.
Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
ok naddy@ millert@ dlg@
show more ...
|
#
5e1064a7 |
| 13-Dec-2021 |
deraadt <deraadt@openbsd.org> |
acct(4) ac_tty shouldn't need NODEV from sys/param.h (which is kernel API), -1 is sufficient to indicate the process had no controlling tty, removing one more sys/param.h include in our userland ok m
acct(4) ac_tty shouldn't need NODEV from sys/param.h (which is kernel API), -1 is sufficient to indicate the process had no controlling tty, removing one more sys/param.h include in our userland ok millert
show more ...
|
#
dd06cfbc |
| 09-Sep-2019 |
bluhm <bluhm@openbsd.org> |
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, s
Inform about system call memory write protection and stack mapping violations in system accounting. This will help to find missbehaving programs and possible attacks. The flags bit field is full, so recycle the PDP-11 compatibility on VAX. lastcomm(1) prints the AMAP flag as 'M'. daily(8) prints a list of affected processes. OK deraadt@
show more ...
|
#
227c47e9 |
| 25-Jul-2019 |
bluhm <bluhm@openbsd.org> |
Show unveil(2) violators in lastcomm(1) output and daily mail. input Janne Johansson, schwarze@; OK deraadt@ millert@
|
#
763163dc |
| 27-Feb-2018 |
mpi <mpi@openbsd.org> |
Stop mentionning/testing the for the ASU bit (S flag).
It is of no use since suser() no longer set this bit.
ok millert@, bluhm@
|
#
8788635f |
| 08-Jun-2017 |
bluhm <bluhm@openbsd.org> |
ASLR, W^X, and guard pages trigger processor traps that result in SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible in lastcomm(1). This also works if a programm tries to hide th
ASLR, W^X, and guard pages trigger processor traps that result in SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible in lastcomm(1). This also works if a programm tries to hide them with a signal handler. Manual kill -SEGV does not generate false positives. OK deraadt@
show more ...
|
#
696e0573 |
| 07-Jun-2017 |
bluhm <bluhm@openbsd.org> |
Add an acct(5) flag for pledge violations. Then lastcomm(1) shows when something went wrong. This allows to monitor whether the system is under attack and that the attack has been prevented by Open
Add an acct(5) flag for pledge violations. Then lastcomm(1) shows when something went wrong. This allows to monitor whether the system is under attack and that the attack has been prevented by OpenBSD pledge(2). OK deraadt@ millert@ jmc@
show more ...
|
#
ffe261bf |
| 11-Mar-2017 |
guenther <guenther@openbsd.org> |
Use sizeof directly instead of a macro from the scary <struct.h>
ok visa@ mpi@ millert@ kettenis@ deraadt@
|
#
0bd1216c |
| 09-Oct-2015 |
deraadt <deraadt@openbsd.org> |
Change all tame callers to namechange to pledge(2).
|
#
d593eea8 |
| 07-Oct-2015 |
deraadt <deraadt@openbsd.org> |
tame "stdio rpath getpw". getpw is for user_from_uid(), which is a libc cache on top of the getpw* functions. ok semarie, who didn't spot the getpw need :)
|
#
f7055df5 |
| 15-Mar-2015 |
millert <millert@openbsd.org> |
tzfile.h is an internal header that should never have been installed. What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes
tzfile.h is an internal header that should never have been installed. What's worse, the tzfile.h that gets installed is over 20 years old and doesn't match the real tzfile.h in libc/time. This makes the tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE define has been moved to time.h temporarily until its usage is replaced by 1900 in the tree. Actual removal of tzfile.h is pending a ports build. Based on a diff from deraadt@
show more ...
|
#
b9fc9a72 |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_N
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
show more ...
|
#
5195d91e |
| 27-Nov-2013 |
okan <okan@openbsd.org> |
remove erroneous char cast to switch expression processing getopt(3); not used in any cases.
ok deraadt@, guenther@, millert@
|
#
6cd4fad2 |
| 26-Nov-2013 |
deraadt <deraadt@openbsd.org> |
unsigned char casts for ctype ok krw
|
#
043fbe51 |
| 27-Oct-2009 |
deraadt <deraadt@openbsd.org> |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (th
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
show more ...
|
#
98bec930 |
| 16-Jul-2007 |
jmc <jmc@openbsd.org> |
oops, missed a bit from tobias' diff - add "usage: " to usage(); from Tobias Stoeckmann
|
#
2fd73b92 |
| 16-Jul-2007 |
jmc <jmc@openbsd.org> |
sync usage(); from Tobias Stoeckmann
|
#
98204de9 |
| 14-Sep-2004 |
deraadt <deraadt@openbsd.org> |
lint begs for proactive casting, so we give it
|
#
3c2c0383 |
| 26-Jun-2003 |
deraadt <deraadt@openbsd.org> |
more proto fixes
|
#
1837a5ca |
| 10-Jun-2003 |
deraadt <deraadt@openbsd.org> |
mostly ansi cleanup; pval ok
|