| #
259065 |
|
07-Dec-2013 |
gjb |
- Copy stable/10 (r259064) to releng/10.0 as part of the
10.0-RELEASE cycle.
- Update __FreeBSD_version [1]
- Set branch name to -RC1
[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so
start releng/10.0 at '100' so the branch is started with
a value ending in zero.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| #
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| #
249404 |
|
12-Apr-2013 |
gahr |
- Switch order of setting real uid and gid. If we set uid first, then we
don't have enough privileges to set gid.
This looks like a long standing bug, just recently revealed by r241852.
Approved by: cognet
|
| #
241852 |
|
22-Oct-2012 |
eadler |
Check the return error of set[ug]id. While this can never fail in the
current version of FreeBSD, this isn't guarenteed by the API. Custom
security modules, or future implementations of the setuid and setgid
may fail.
PR: bin/172289
PR: bin/172290
PR: bin/172291
Submittud by: Erik Cederstrand <erik@cederstrand.dk>
Discussed by: freebsd-security
Approved by: cperciva
MFC after: 1 week
|
| #
241737 |
|
19-Oct-2012 |
ed |
More -Wmissing-variable-declarations fixes.
In addition to adding `static' where possible:
- bin/date: Move `retval' into extern.h to make it visible to date.c.
- bin/ed: Move globally used variables into ed.h.
- sbin/camcontrol: Move `verbose' into camcontrol.h and fix shadow warnings.
- usr.bin/calendar: Remove unneeded variables.
- usr.bin/chat: Make `line' local instead of global.
- usr.bin/elfdump: Comment out unneeded function.
- usr.bin/rlogin: Use _Noreturn instead of __dead2.
- usr.bin/tset: Pull `Ospeed' into extern.h.
- usr.sbin/mfiutil: Put global variables in mfiutil.h.
- usr.sbin/pkg: Remove unused `os_corres'.
- usr.sbin/quotaon, usr.sbin/repquota: Remove unused `qfname'.
|
| #
227269 |
|
06-Nov-2011 |
ed |
Partially revert r227233.
The privs.h header is not only used by at(1), it's also used by
atrun(8). Just let the code the way it used to be (for now).
Reported by: kwm, tinderbox
Hat to: me
|
| #
227233 |
|
06-Nov-2011 |
ed |
Add missing static keywords to at(1).
While there, tidy up the privs.h part, where at.c has to #define to
declare some globals. Also group static and non-static global variables
in at.c.
|
| #
82973 |
|
04-Sep-2001 |
ru |
SECURITY.
Fixed macros for temporarily relinquishing and restoring setuid/setgid
privileges so that they never change the real user and group IDs of
the calling process.
The setre[ug]id() calls are still used in the REDUCE_PERM macro (with
the r[ug]id arguments of -1) so that the call changes the saved user
and group IDs of the process to that specified.
Also, the panic() and perr() functions had insufficient privileges to
delete the problematic file under /var/at.
|
| #
54158 |
|
05-Dec-1999 |
charnier |
Correct use of .Nm, .Em, .Ev
Add rcsid. Use errx instead of fprintf + exit.
Various spelling fixes.
|
| #
10154 |
|
21-Aug-1995 |
ache |
Upgrade to 2.9
|
| #
8874 |
|
30-May-1995 |
rgrimes |
Remove trailing whitespace.
|
| #
8112 |
|
27-Apr-1995 |
ache |
Remove setre* hacks, we have working thing now
|
| #
7860 |
|
15-Apr-1995 |
ache |
Fight over non-working setruid
|
| #
7767 |
|
12-Apr-1995 |
ache |
Upgrade.
|
| #
941 |
|
04-Jan-1994 |
nate |
Added at/atrm/atq/batch from Linux as hacked by Chris Demetriou.
|