openssh

mirror of git://anongit.mindrot.org/openssh.git synced 2025-01-01 23:32:04 +00:00

Author	SHA1	Message	Date
Damien Miller	0fa0ed061b	- (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; patch from Felix von Leitner; ok dtucker	2014-09-10 08:15:34 +10:00
Damien Miller	48abc47e60	- (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to remind myself to add sandbox violation logging via the log socket.	2014-03-17 14:45:56 +11:00
Damien Miller	6434cb2cfb	- (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define __NR_shutdown; some go via the socketcall(2) multiplexer.	2014-02-06 11:17:50 +11:00
Damien Miller	7e5cec6070	- (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) syscall from sandboxes; it may be called by packet_close.	2014-01-31 09:25:34 +11:00
Damien Miller	868ea1ea1c	- (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@	2014-01-17 16:47:04 +11:00
Darren Tucker	e9887d1c37	- (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday.	2013-06-02 09:17:09 +10:00
Damien Miller	91f40d8592	- (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; ok dtucker	2013-02-22 11:37:00 +11:00
Damien Miller	a0433a7096	- (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is not available. Allows use of sshd compiled on host with a filter-capable kernel on hosts that lack the support. bz#2011 ok dtucker@	2012-07-06 10:27:10 +10:00
Damien Miller	e0956e3834	- (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox mode for Linux's new seccomp filter; patch from Will Drewry; feedback and ok dtucker@	2012-04-04 11:27:54 +10:00

9 Commits