[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src



CVSROOT:	/cvs
Module name:	src
Changes by:	itojun_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2002/10/16 09:01:08

Modified files:
	sys/dev        : systrace.c systrace.h 
	bin/systrace   : Makefile filter.c intercept.c intercept.h lex.l 
	                 openbsd-syscalls.c parse.y systrace.1 
	                 systrace.c systrace.h 

Log message:
support for privilege elevation.

with privilege elevation no suid or sgid binaries are necessary any
longer.  Applications can be executed completely
unprivileged. Systrace raises the privileges for a single system call
depending on the configured policy.

Idea from discussions with Perry Metzger, Dug Song and Marcus Watts.

from provos



Visit your host, monkey.org