#
1.10 |
|
29-Aug-2022 |
deraadt |
Dynamically link these /sbin daemons: dhcpleased, mountd, nfsd, pflogd, resolvd, slaacd, unwind. The mitigation story is way better: syscalls are in a randomly located libc, and every syscall stub is randomly located inside that due to random relinking. As opposed to fixed offset inside a release binary. There is one known consequence: /usr nfs mounting must use statically configured IP addresses. ok kettenis florian, others
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.9 |
|
19-Jun-2013 |
lteo |
Do not install pcap-int.h to /usr/include as it is an internal library header (pointed out by matthew@). Let only pflogd and tcpdump include pcap-int.h directly since they need it for privilege separation.
"looks good" sthen feedback/ok deraadt matthew millert
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.8 |
|
16-Nov-2009 |
otto |
pflogd no longer needs libutil; ok deraadt@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.7 |
|
26-Nov-2006 |
deraadt |
repair missing DPADD requests
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.6 |
|
20-Nov-2003 |
avsm |
remove -Werror from userland builds, to give us a chance to use more verbose warning options if desired. ok millert@, henning@, david@
|
#
1.5 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.4 |
|
01-Mar-2003 |
cloder |
Add ANSI prototypes. Get rid of shadow warnings. Use correct printf format specifiers where needed. Clarify one comment. Now compiles with -Wmissing-prototypes -Wshadow, and this is reflected in the Makefile. OK deraadt@
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.3 |
|
11-May-2002 |
espie |
Add missing libraries to bsd.prog.mk (mostly kerberosV) Use them in DPADD throughout the tree. Fix a few mispells (LIBMATH -> LIBM...) Wipe obsolete lib (LIBRESOLV) Sort added missing libraries, move obsolete stuff apart. Synch documentation in bsd.README
ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.2 |
|
01-Dec-2001 |
miod |
Use pidfile() instead of doing the equivalent thing by hand, and sometimes forgetting to unlink the pid file at exit. ok millert@ deraadt@
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.1 |
|
21-Aug-2001 |
deraadt |
pflogd; work by canacar@eee.metu.edu.tr and myself
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.9 |
|
19-Jun-2013 |
lteo |
Do not install pcap-int.h to /usr/include as it is an internal library header (pointed out by matthew@). Let only pflogd and tcpdump include pcap-int.h directly since they need it for privilege separation.
"looks good" sthen feedback/ok deraadt matthew millert
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.8 |
|
16-Nov-2009 |
otto |
pflogd no longer needs libutil; ok deraadt@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.7 |
|
26-Nov-2006 |
deraadt |
repair missing DPADD requests
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
#
1.6 |
|
20-Nov-2003 |
avsm |
remove -Werror from userland builds, to give us a chance to use more verbose warning options if desired. ok millert@, henning@, david@
|
#
1.5 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.4 |
|
01-Mar-2003 |
cloder |
Add ANSI prototypes. Get rid of shadow warnings. Use correct printf format specifiers where needed. Clarify one comment. Now compiles with -Wmissing-prototypes -Wshadow, and this is reflected in the Makefile. OK deraadt@
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.3 |
|
11-May-2002 |
espie |
Add missing libraries to bsd.prog.mk (mostly kerberosV) Use them in DPADD throughout the tree. Fix a few mispells (LIBMATH -> LIBM...) Wipe obsolete lib (LIBRESOLV) Sort added missing libraries, move obsolete stuff apart. Synch documentation in bsd.README
ok deraadt@
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.2 |
|
01-Dec-2001 |
miod |
Use pidfile() instead of doing the equivalent thing by hand, and sometimes forgetting to unlink the pid file at exit. ok millert@ deraadt@
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.1 |
|
21-Aug-2001 |
deraadt |
pflogd; work by canacar@eee.metu.edu.tr and myself
|