| #
1.10 |
|
29-Aug-2022 |
deraadt |
Dynamically link these /sbin daemons: dhcpleased, mountd, nfsd, pflogd,
resolvd, slaacd, unwind.
The mitigation story is way better: syscalls are in a randomly located
libc, and every syscall stub is randomly located inside that due to
random relinking. As opposed to fixed offset inside a release binary.
There is one known consequence: /usr nfs mounting must use statically
configured IP addresses.
ok kettenis florian, others
|
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
|
| #
1.9 |
|
19-Jun-2013 |
lteo |
Do not install pcap-int.h to /usr/include as it is an internal library
header (pointed out by matthew@). Let only pflogd and tcpdump include
pcap-int.h directly since they need it for privilege separation.
"looks good" sthen
feedback/ok deraadt matthew millert
|
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
|
| #
1.8 |
|
16-Nov-2009 |
otto |
pflogd no longer needs libutil; ok deraadt@
|
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
|
| #
1.7 |
|
26-Nov-2006 |
deraadt |
repair missing DPADD requests
|
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
|
| #
1.6 |
|
20-Nov-2003 |
avsm |
remove -Werror from userland builds, to give us a chance to
use more verbose warning options if desired.
ok millert@, henning@, david@
|
| #
1.5 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
|
| #
1.4 |
|
01-Mar-2003 |
cloder |
Add ANSI prototypes. Get rid of shadow warnings. Use correct
printf format specifiers where needed. Clarify one comment.
Now compiles with -Wmissing-prototypes -Wshadow, and this is
reflected in the Makefile.
OK deraadt@
|
|
Revision tags: OPENBSD_3_2_BASE
|
|
| #
1.3 |
|
11-May-2002 |
espie |
Add missing libraries to bsd.prog.mk (mostly kerberosV)
Use them in DPADD throughout the tree.
Fix a few mispells (LIBMATH -> LIBM...)
Wipe obsolete lib (LIBRESOLV)
Sort added missing libraries, move obsolete stuff apart.
Synch documentation in bsd.README
ok deraadt@
|
|
Revision tags: OPENBSD_3_1_BASE
|
|
| #
1.2 |
|
01-Dec-2001 |
miod |
Use pidfile() instead of doing the equivalent thing by hand, and sometimes
forgetting to unlink the pid file at exit.
ok millert@ deraadt@
|
|
Revision tags: OPENBSD_3_0_BASE
|
|
| #
1.1 |
|
21-Aug-2001 |
deraadt |
pflogd; work by canacar@eee.metu.edu.tr and myself
|
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
|
| #
1.9 |
|
19-Jun-2013 |
lteo |
Do not install pcap-int.h to /usr/include as it is an internal library
header (pointed out by matthew@). Let only pflogd and tcpdump include
pcap-int.h directly since they need it for privilege separation.
"looks good" sthen
feedback/ok deraadt matthew millert
|
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
|
| #
1.8 |
|
16-Nov-2009 |
otto |
pflogd no longer needs libutil; ok deraadt@
|
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
|
| #
1.7 |
|
26-Nov-2006 |
deraadt |
repair missing DPADD requests
|
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE
|
|
| #
1.6 |
|
20-Nov-2003 |
avsm |
remove -Werror from userland builds, to give us a chance to
use more verbose warning options if desired.
ok millert@, henning@, david@
|
| #
1.5 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|
|
Revision tags: OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
|
| #
1.4 |
|
01-Mar-2003 |
cloder |
Add ANSI prototypes. Get rid of shadow warnings. Use correct
printf format specifiers where needed. Clarify one comment.
Now compiles with -Wmissing-prototypes -Wshadow, and this is
reflected in the Makefile.
OK deraadt@
|
|
Revision tags: OPENBSD_3_2_BASE
|
|
| #
1.3 |
|
11-May-2002 |
espie |
Add missing libraries to bsd.prog.mk (mostly kerberosV)
Use them in DPADD throughout the tree.
Fix a few mispells (LIBMATH -> LIBM...)
Wipe obsolete lib (LIBRESOLV)
Sort added missing libraries, move obsolete stuff apart.
Synch documentation in bsd.README
ok deraadt@
|
|
Revision tags: OPENBSD_3_1_BASE
|
|
| #
1.2 |
|
01-Dec-2001 |
miod |
Use pidfile() instead of doing the equivalent thing by hand, and sometimes
forgetting to unlink the pid file at exit.
ok millert@ deraadt@
|
|
Revision tags: OPENBSD_3_0_BASE
|
|
| #
1.1 |
|
21-Aug-2001 |
deraadt |
pflogd; work by canacar@eee.metu.edu.tr and myself
|