| Wed, 11 Jan 2017 02:51:13 +0100 |
Stephan Bosch |
Updated copyright notices to include the year 2017.
|
| Wed, 11 Jan 2017 01:57:46 +0100 |
Stephan Bosch |
global: Replaced all instances of memset(p, 0, sizeof(*p)) with the new i_zero() macro.
|
| Wed, 19 Oct 2016 20:40:22 +0300 |
Aki Tuomi |
lib: Copy target_uid from restrict_access_settings
|
| Wed, 19 Oct 2016 18:44:35 +0300 |
Aki Tuomi |
lib: Add drop_setuid_root for restrict_access
|
| Wed, 13 Jan 2016 12:24:03 +0200 |
Timo Sirainen |
global: freshen copyright
|
| Wed, 23 Sep 2015 14:52:45 +0300 |
Teemu Huovila |
Remove now-unnecessary direct stdlib.h #includes.
|
| Mon, 05 Jan 2015 22:20:10 +0200 |
Phil Carmody |
global: freshen copyright
|
| Tue, 04 Feb 2014 16:23:22 -0500 |
Timo Sirainen |
Updated copyright notices to include year 2014.
|
| Sat, 02 Feb 2013 17:02:55 +0200 |
Timo Sirainen |
Oops :) Update copyrights to 2013 without breaking all .c files.
|
| Sat, 02 Feb 2013 17:01:07 +0200 |
Timo Sirainen |
Updated copyright notices to include year 2013.
|
| Tue, 29 May 2012 18:38:01 +0300 |
Timo Sirainen |
Fixed assert-crash on some situations when user had no supplementary groups.
|
| Sun, 12 Feb 2012 18:55:28 +0200 |
Timo Sirainen |
Updated copyright notices to include year 2012.
|
| Sat, 28 Jan 2012 20:08:40 +0200 |
Timo Sirainen |
restrict_access(): If privileged and primary GIDs are the same, ignore privileged GID.
|
| Wed, 09 Nov 2011 18:20:51 +0200 |
Timo Sirainen |
restrict_access*(): If setuid() fails with EAGAIN, suggest ulimit -u being the problem.
|
| Thu, 17 Mar 2011 16:21:00 +0200 |
Timo Sirainen |
Replaced all getpw/gr*() to use i_getpw/gr*() with improved error handling.
|
| Fri, 04 Mar 2011 20:54:29 +0200 |
Timo Sirainen |
Updated copyright notices to include year 2011.
|
| Mon, 07 Feb 2011 22:37:19 +0200 |
Timo Sirainen |
restrict_access(): Show uid/gid source in setuid()/setgid() failure messages if given.
|
| Tue, 31 Aug 2010 17:06:20 +0100 |
Timo Sirainen |
Fixed setgid() failure error message.
|
| Wed, 12 May 2010 16:39:03 +0200 |
Timo Sirainen |
Added restrict_access_get_env()
HEAD
|
| Wed, 07 Apr 2010 01:49:00 +0300 |
Timo Sirainen |
Started using str_to_*() functions instead of libc's ones.
HEAD
|
| Mon, 08 Mar 2010 19:09:00 +0200 |
Timo Sirainen |
Improved setgid/setuid failure's error message.
HEAD
|
| Mon, 25 Jan 2010 01:19:08 +0200 |
Timo Sirainen |
Updated copyright notices to include year 2010.
HEAD
|
| Sun, 21 Jun 2009 23:31:10 -0400 |
Timo Sirainen |
Added restrict_get_groups_list() for easily getting list of process's groups.
HEAD
|
| Thu, 23 Apr 2009 19:53:44 -0400 |
Timo Sirainen |
Initial commit for v2.0 master rewrite. Several features are still missing.
HEAD
|
| Thu, 09 Apr 2009 20:18:18 -0400 |
Timo Sirainen |
restrict-access: If running as root, don't give "couldn't drop root group privileges" error.
HEAD
|
| Thu, 09 Apr 2009 19:14:23 -0400 |
Timo Sirainen |
restrict-access: Minor code cleanup.
HEAD
|
| Thu, 09 Apr 2009 19:14:06 -0400 |
Timo Sirainen |
restrict-access: One more root dropping fix.
HEAD
|
| Thu, 09 Apr 2009 18:41:13 -0400 |
Timo Sirainen |
restrict-access: More fixes to root checking.
HEAD
|
| Thu, 09 Apr 2009 18:31:53 -0400 |
Timo Sirainen |
restrict-access: Another fix to allow running processes as root.
HEAD
|
| Thu, 09 Apr 2009 18:28:39 -0400 |
Timo Sirainen |
Fix to previous restrict-access changes.
HEAD
|
| Tue, 07 Apr 2009 20:48:53 -0400 |
Timo Sirainen |
Cleaned up restrict_access*() API.
HEAD
|
| Mon, 02 Mar 2009 21:04:11 -0500 |
Timo Sirainen |
Improved logging for core dumping. With Linux use PR_SET_DUMPABLE for imap/pop3.
HEAD
|
| Tue, 06 Jan 2009 09:25:38 -0500 |
Timo Sirainen |
Updated copyright notices to include year 2009.
HEAD
|
| Thu, 18 Dec 2008 18:11:21 +0200 |
Timo Sirainen |
Fix to previous change: Don't lose errno during uid/gid naming.
HEAD
|
| Thu, 18 Dec 2008 18:09:00 +0200 |
Timo Sirainen |
If uid/gid changing fails, log also the name of the uid/gid instead of just the number.
HEAD
|
| Fri, 20 Jun 2008 11:15:50 +0300 |
Timo Sirainen |
AIX compiling fix.
HEAD
|
| Thu, 19 Jun 2008 08:17:37 +0300 |
Timo Sirainen |
Compiling fix for AIX.
HEAD
|
| Tue, 27 May 2008 02:09:47 +0300 |
Timo Sirainen |
Avoid using shadow variables. Unfortunately -Wshadow also complains about
HEAD
|
| Sun, 09 Mar 2008 10:32:59 +0200 |
Timo Sirainen |
Make sure the primary GID is in supplementary groups when using
HEAD
|
| Sun, 09 Mar 2008 10:31:31 +0200 |
Timo Sirainen |
mail_privileged_group didn't work with systems where setresgid() wasn't
HEAD
|
| Tue, 04 Mar 2008 07:54:53 +0200 |
Timo Sirainen |
Replaced mail_extra_groups setting with mail_privileged_group and
HEAD
|
| Mon, 11 Feb 2008 20:17:00 +0200 |
Timo Sirainen |
Renamed T_FRAME_BEGIN/END to T_BEGIN/END. Removed T_FRAME() macro and
HEAD
|
| Sun, 06 Jan 2008 05:16:32 +0200 |
Timo Sirainen |
Setting extra groups crashed.
HEAD
|
| Sun, 06 Jan 2008 00:19:10 +0200 |
Timo Sirainen |
If RESTRICT_* environments aren't set, don't try to enable group -1.
HEAD
|
| Sat, 05 Jan 2008 01:28:46 +0200 |
Timo Sirainen |
Reverted "environment array" changes. It broke overriding imap/pop3 settings
HEAD
|
| Wed, 02 Jan 2008 01:36:51 +0200 |
Timo Sirainen |
Build environment using envarr and pass it to execve(). This is faster than
HEAD
|
| Tue, 01 Jan 2008 22:05:21 +0200 |
Timo Sirainen |
Updated copyright notices to include year 2008.
HEAD
|
| Mon, 10 Dec 2007 15:58:27 +0200 |
Timo Sirainen |
Don't use empty setgroups() list to drop groups. It doesn't work at least
HEAD
|
| Sat, 08 Dec 2007 23:10:57 +0200 |
Timo Sirainen |
Code cleanups and error handling fixes to setting/dropping groups.
HEAD
|
| Wed, 05 Dec 2007 17:47:44 +0200 |
Timo Sirainen |
Replaced t_push/t_pop calls with T_FRAME*() macros.
HEAD
|
| Sat, 03 Nov 2007 17:57:46 +0200 |
Timo Sirainen |
If setgid() fails, includ euid and egid in the log message.
HEAD
|
| Fri, 02 Nov 2007 17:58:14 +0200 |
Timo Sirainen |
If setuid() fails, log the current effective uid.
HEAD
|
| Sun, 28 Oct 2007 02:02:32 +0300 |
Timo Sirainen |
If RESTRICT_USER is empty string, don't call initgroups().
HEAD
|
| Sun, 30 Sep 2007 16:27:12 +0300 |
Timo Sirainen |
Use better error messages for setgroups() failures.
HEAD
|
| Sun, 16 Sep 2007 14:34:22 +0300 |
Timo Sirainen |
Replaced my Copyright notices. The year range always ends with 2007 now.
HEAD
|
| Wed, 28 Mar 2007 23:05:14 +0300 |
Timo Sirainen |
After chrooting try to chroot to $HOME instead of to /. If home doesn't
HEAD
|
| Sun, 03 Dec 2006 17:45:10 +0200 |
Timo Sirainen |
restrict_gid_first/last wasn't working correctly for non-primary groups.
HEAD
|
| Fri, 13 Jan 2006 22:25:57 +0200 |
Timo Sirainen |
Added "bool" type and changed all ints that were used as booleans to bool.
HEAD
|
| Thu, 09 Jun 2005 16:44:53 +0300 |
Timo Sirainen |
32bit UID/GIDs were truncated
HEAD
|
| Sun, 13 Mar 2005 01:10:33 +0200 |
Timo Sirainen |
If we run out of memory, exit with FATAL_OUTOFMEM status instead of dumping
HEAD
|
