1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-10 09:42:26 +00:00
freebsd/sys/kern
Robert Watson 0ef5652e27 o Introduce new kern.security sysctl tree for kernel security policy
MIB entries.
o Relocate kern.suser_permitted to kern.security.suser_permitted.
o Introduce new kern.security.unprivileged_procdebug_permitted, which
  (when set to 0) prevents processes without privilege from performing
  a variety of inter-process debugging activities.  The default is 1,
  to provide current behavior.

  This feature allows "hardened" systems to disable access to debugging
  facilities, which have been associated with a number of past security
  vulnerabilities.  Previously, while procfs could be unmounted, other
  in-kernel facilities (such as ptrace()) were still available.  This
  setting should not be modified on normal development systems, as it
  will result in frustration.  Some utilities respond poorly to
  failing to get the debugging access they require, and error response
  by these utilities may be improved in the future in the name of
  beautification.

  Note that there are currently some odd interactions with some
  facilities, which will need to be resolved before this should be used
  in production, including odd interactions with truss and ktrace.
  Note also that currently, tracing is permitted on the current process
  regardless of this flag, for compatibility with previous
  authorization code in various facilities, but that will probably
  change (and resolve the odd interactions).

Obtained from:	TrustedBSD Project
2001-07-31 15:48:21 +00:00
..
bus_if.m
device_if.m
genassym.sh
imgact_aout.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
imgact_elf.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
imgact_gzip.c
imgact_shell.c
inflate.c
init_main.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
init_sysent.c
kern_acct.c
kern_acl.c
kern_cap.c
kern_clock.c
kern_condvar.c Backout mwakeup, etc. 2001-07-06 01:16:43 +00:00
kern_conf.c
kern_descrip.c
kern_environment.c
kern_event.c Introduce EVFILT_TIMER, which allows a process to establish an 2001-07-19 18:34:40 +00:00
kern_exec.c Correct spelling in a comment and remove trailing newline from a 2001-07-11 02:04:43 +00:00
kern_exit.c As per further discussions on hackers redo the SIGCHLD patch to not generate 2001-07-22 18:47:31 +00:00
kern_fork.c Get rid of useless bcopy (the next statement was equivalent) 2001-07-09 19:00:08 +00:00
kern_idle.c
kern_intr.c Make the schedlock saved critical section state a per-thread property. 2001-06-30 03:11:26 +00:00
kern_jail.c
kern_kthread.c Don't use kp->arg0 as a format string, grr. 2001-07-19 02:18:54 +00:00
kern_ktr.c - Replace the unused KTR_IDLELOOP trace class with a new KTR_WITNESS trace 2001-06-25 23:09:31 +00:00
kern_ktrace.c o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx(). 2001-07-05 17:10:46 +00:00
kern_linker.c Don't try to print a field that doesn't exist; in usually commented 2001-07-31 03:51:07 +00:00
kern_lock.c
kern_lockf.c
kern_malloc.c
kern_mib.c Fix cut/paste blunder. Serves me right for doing a last minute tweak 2001-07-27 15:52:49 +00:00
kern_module.c
kern_mutex.c
kern_ntptime.c
kern_physio.c
kern_proc.c o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx(). 2001-07-05 17:10:46 +00:00
kern_prot.c o Introduce new kern.security sysctl tree for kernel security policy 2001-07-31 15:48:21 +00:00
kern_random.c
kern_resource.c add prototype for dosetrlimit 2001-07-22 00:21:19 +00:00
kern_shutdown.c - Sort includes. 2001-06-25 18:30:42 +00:00
kern_sig.c As per further discussions on hackers redo the SIGCHLD patch to not generate 2001-07-22 18:47:31 +00:00
kern_subr.c Remove spl's in uio_yield() that are covered by the sched_lock. 2001-07-03 15:58:37 +00:00
kern_switch.c Spelling fix in a KASSERT: runq_chose -> runq_choose. 2001-07-04 20:00:48 +00:00
kern_sx.c - Add trylock variants of shared and exclusive locks. 2001-06-27 06:39:37 +00:00
kern_synch.c Backout mwakeup, etc. 2001-07-06 01:16:43 +00:00
kern_syscalls.c
kern_sysctl.c Make dynamic sysctl entries start at 0x100, not decimal 100 - there are 2001-07-25 17:21:18 +00:00
kern_tc.c
kern_time.c
kern_timeout.c
kern_xxx.c
ksched.c
link_aout.c
link_elf_obj.c Use a machine dependent type, Elf_Hashelt, for the elements of the elf 2001-07-31 03:46:39 +00:00
link_elf.c Use a machine dependent type, Elf_Hashelt, for the elements of the elf 2001-07-31 03:46:39 +00:00
linker_if.m
Make.tags.inc
Makefile
makeobjops.pl revert previous commit (bad style and not needed) 2001-07-22 10:24:31 +00:00
makesyscalls.sh
md4c.c
md5c.c
p1003_1b.c o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx(). 2001-07-05 17:10:46 +00:00
posix4_mib.c
subr_acl_posix1e.c
subr_autoconf.c
subr_blist.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
subr_bus.c Move the hints gunk to a seperate file. It isn't really part of the 2001-07-14 08:25:18 +00:00
subr_clist.c
subr_devstat.c
subr_disk.c
subr_disklabel.c
subr_diskmbr.c
subr_diskslice.c
subr_eventhandler.c Don't try to find an eventhandler list if the list of lists hasn't 2001-07-31 03:52:16 +00:00
subr_hints.c Go back to having either static OR dynamic hints, with fallback 2001-07-14 00:23:10 +00:00
subr_kobj.c
subr_log.c
subr_mbuf.c Use the tunable maxusers rather than the compile-time one. Evaluate and 2001-07-26 23:08:31 +00:00
subr_mchain.c
subr_module.c
subr_param.c Move param.c out of the conf directory and make it fully dynamic. 2001-07-26 23:04:03 +00:00
subr_pcpu.c
subr_prf.c Make the code to read the kernel message buffer via sysctl machine- 2001-07-03 19:44:07 +00:00
subr_prof.c
subr_rman.c
subr_sbuf.c Constify the format string. 2001-07-03 21:46:43 +00:00
subr_scanf.c
subr_smp.c
subr_taskqueue.c
subr_trap.c postsig() currently requires Giant to be held. Giant is held properly at 2001-07-04 15:36:30 +00:00
subr_turnstile.c
subr_witness.c Add a missing ~ so that the LO_INITIALIZED flag actually gets turned off 2001-07-20 23:29:25 +00:00
subr_xxx.c
sys_generic.c
sys_pipe.c cleanup: GIANT macros, rename DEPRECIATE to DEPRECATE 2001-07-04 17:11:03 +00:00
sys_process.c o Replace calls to p_can(..., P_CAN_xxx) with calls to p_canxxx(). 2001-07-05 17:10:46 +00:00
sys_socket.c Don't bother passing p to rtioctl just so it can fail to pass it to mrt_ioctl 2001-07-25 20:15:28 +00:00
syscalls.c
syscalls.master
sysv_ipc.c
sysv_msg.c Fix obsolete code. 2001-07-30 19:28:02 +00:00
sysv_sem.c
sysv_shm.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
tty_compat.c
tty_conf.c
tty_cons.c
tty_pty.c
tty_subr.c
tty_tty.c
tty.c
uipc_accf.c
uipc_domain.c
uipc_mbuf2.c
uipc_mbuf.c
uipc_proto.c
uipc_sockbuf.c Fix up indentation. 2001-06-29 04:01:38 +00:00
uipc_socket2.c Fix up indentation. 2001-06-29 04:01:38 +00:00
uipc_socket.c
uipc_syscalls.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
uipc_usrreq.c
vfs_acl.c
vfs_aio.c
vfs_bio.c Revert previous accidental commit. FWIW, it was part of enabling 2001-07-27 15:57:17 +00:00
vfs_cache.c
vfs_cluster.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
vfs_conf.c
vfs_default.c With Alfred's permission, remove vm_mtx in favor of a fine-grained approach 2001-07-04 16:20:28 +00:00
vfs_export.c
vfs_extattr.c Constify the fstype argument to vfs_mount(). This eliminates at least one 2001-07-09 19:11:51 +00:00
vfs_init.c
vfs_lookup.c
vfs_mount.c
vfs_subr.c Revert previous accidental commit. FWIW, it was part of enabling 2001-07-27 15:57:17 +00:00
vfs_syscalls.c Constify the fstype argument to vfs_mount(). This eliminates at least one 2001-07-09 19:11:51 +00:00
vfs_vnops.c
vnode_if.pl
vnode_if.src correct description of `vpp' for mknod/symlink: they are actually 2001-07-24 16:16:00 +00:00