Searched hist:224810 (Results 1 - 2 of 2) sorted by relevance
Commit 224810 (Sat Aug 13 07:31:06 MDT 2011, jonathan), matched in two files under /freebsd-10.1-release/:

- sys/sys/namei.h
- sys/kern/vfs_syscalls.c

Commit message:

Allow Capsicum capabilities to delegate constrained access to file system subtrees to sandboxed processes.

- Use of absolute paths and '..' is limited in capability mode.
- Use of absolute paths and '..' is limited when looking up relative to a capability.
- When a name lookup is performed, identify what operation is to be performed (such as CAP_MKDIR) as well as check for CAP_LOOKUP.

With these constraints, openat() and friends are now safe in capability mode, and can then be used by code such as the capability-mode runtime linker.

Approved by: re (bz), mentor (rwatson)
Sponsored by: Google Inc