PERFORCE change 164121 for review
rwatson at FreeBSD.org
Thu Jun 11 17:03:28 UTC 2009
Change 164121 by rwatson at rwatson_freebsd_capabilities on 2009/06/11 17:02:44
Update man page.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf-cap/rtld-elf-cap.1#4 edit
==== //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf-cap/rtld-elf-cap.1#4 (text+ko) ====
@@ -32,7 +32,7 @@
-.Dd January 30, 2009
+.Dd June 11, 2009
.Dt RTLD-ELF-CAP 1
@@ -50,11 +50,14 @@
is intended to be directly executed using the
.Xr fexeve 2
system call, and expects the binary to be passed as file descriptor
-.Dv 3 .
+.Dv 3 ,
+as well as additional libraries described by the
-Binaries for the sandbox environment are relocatable shared objects with the
-addition of C start-up code (CSU) normally linked only into binaries
-intended for direct execution.
+Binaries for the sandbox environment are normal, dynamically linked binaries
+as created by
+.Xr gcc 1 .
As with traditional
binaries, the C run-time expects to begin execution with a
@@ -62,28 +65,20 @@
function which will be passed execution-time arguments explicitly, as well
as having access to inherited environmental variables.
-.Xr gcc 1
-command line to build a sandbox-mode binary might be:
-.Bd -literal -offset indent
-gcc -o main.so main.c -shared /usr/lib/crt1.o
+Most capability-mode applications will be started using the APIs defined in
+.Xr libcapability 3 ,
+which properly set up the run-time environment for
.Sh IMPLEMENTATION NOTES
Linking sandbox binaries as relocatable shared objects rather than linking
them with a fixed virtual address allows them to be directly linked into
consumers, if desired, for debugging or performance analysis purposes.
-The C run-time start-up code (CSU) is included to provide an ELF brand as
-function sufficient to properly align the stack, start C run-time services
-such as profiling and thread-local storage, and to provide and pass command
-line arguments and environmental variables to the executing binary.
.Sh SEE ALSO
.Xr gcc 1 ,
.Xr ld-elf.so.1 1 ,
.Xr cap_enter 2 ,
-.Xr fexecve 2
+.Xr fexecve 2 ,
+.Xr libcapability 3
Support for capabilities and capabilities mode was developed as part of the
@@ -91,6 +86,10 @@
WARNING: THIS IS EXPERIMENTAL SECURITY SOFTWARE THAT MUST NOT BE RELIED ON IN
PRODUCTION SYSTEMS. IT WILL BREAK YOUR SOFTWARE IN NEW AND UNEXPECTED WAYS.
+The format of
+is not documented, and may change.
is derived from
More information about the p4-projects