PERFORCE change 134778 for review
Robert Watson
rwatson at FreeBSD.org
Mon Feb 4 05:18:48 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=134778
Change 134778 by rwatson at rwatson_freebsd_capabilities on 2008/02/04 13:17:51
Remove fchdir(2) from set if system calls allowed in capability
mode. Regenreate.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 edit
.. //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 (text+ko) ====
@@ -5,7 +5,7 @@
# - sys_exit() and close() are very important.
# - Sorted alphabeetically, please keep it that way.
#
-# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#5 $
+# $P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/capabilities.conf#6 $
#
__acl_aclcheck_fd
__acl_delete_fd
@@ -56,11 +56,6 @@
extattr_get_fd
extattr_list_fd
extattr_set_fd
-#
-# Possibly fchdir() should be excluded on the basis that this implies access
-# to the global namespace, and isn't really useful without it.
-#
-fchdir
fchflags
fchmod
fchown
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/init_sysent.c#12 (text+ko) ====
@@ -42,7 +42,7 @@
{ AS(unlink_args), (sy_call_t *)unlink, AUE_UNLINK, NULL, 0, 0, 0 }, /* 10 = unlink */
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0 }, /* 11 = obsolete execv */
{ AS(chdir_args), (sy_call_t *)chdir, AUE_CHDIR, NULL, 0, 0, 0 }, /* 12 = chdir */
- { AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, SYF_CAPENABLED }, /* 13 = fchdir */
+ { AS(fchdir_args), (sy_call_t *)fchdir, AUE_FCHDIR, NULL, 0, 0, 0 }, /* 13 = fchdir */
{ AS(mknod_args), (sy_call_t *)mknod, AUE_MKNOD, NULL, 0, 0, 0 }, /* 14 = mknod */
{ AS(chmod_args), (sy_call_t *)chmod, AUE_CHMOD, NULL, 0, 0, 0 }, /* 15 = chmod */
{ AS(chown_args), (sy_call_t *)chown, AUE_CHOWN, NULL, 0, 0, 0 }, /* 16 = chown */
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/syscalls.c#12 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/systrace_args.c#12 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.h#12 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/syscall.mk#12 (text+ko) ====
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/sysproto.h#12 (text+ko) ====
More information about the p4-projects
mailing list