|
Revision tags: perseant-exfatfs-base-20250801 netbsd-11-base netbsd-10-1-RELEASE perseant-exfatfs-base-20240630 perseant-exfatfs-base netbsd-8-3-RELEASE netbsd-9-4-RELEASE netbsd-10-0-RELEASE netbsd-10-0-RC6 netbsd-10-0-RC5 netbsd-10-0-RC4 netbsd-10-0-RC3 netbsd-10-0-RC2 netbsd-10-0-RC1 netbsd-10-base netbsd-9-3-RELEASE cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 netbsd-9-2-RELEASE cjep_staticlib_x-base netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 netbsd-7-2-RELEASE pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 netbsd-7-1-2-RELEASE pgoyette-compat-base netbsd-7-1-1-RELEASE matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-7-base yamt-pagecache-base9 yamt-pagecache-tag8 netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 agc-symver-base netbsd-6-1-RC2 netbsd-6-1-RC1 yamt-pagecache-base8 netbsd-6-0-1-RELEASE yamt-pagecache-base7 matt-nb6-plus-nbase yamt-pagecache-base6 netbsd-6-0-RELEASE netbsd-6-0-RC2 tls-maxphys-base matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231 matt-premerge-20091211 jym-xensuspend-nbase jym-xensuspend-base
|
|
| 1.6 |
22-Apr-2009 |
lukem |
Enable WARNS=4 by default, except for:
cpuctl dumplfs hprop ipf iprop-log kadmin kcm kdc kdigest
kimpersonate kstash ktutil makefs ndbootd ntp pppd quot
racoon racoonctl rtadvd sntp sup tcpdchk tcpdmatch tcpdump
traceroute traceroute6 user veriexecgen wsmoused zic
(Mostly third-party applications)
|
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2
|
|
| 1.5 |
11-Aug-2008 |
christos |
branches: 1.5.6;
try to handle different byte orders.
|
|
Revision tags: wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-nbase keiichi-mipv6-base matt-armv6-nbase matt-armv6-prevmlocking cube-autoconf-base matt-armv6-base matt-mips64-base hpcarm-cleanup-base
|
|
| 1.4 |
08-Feb-2007 |
elad |
branches: 1.4.12;
revert previouses
|
| 1.3 |
08-Feb-2007 |
elad |
Add a comment indicating why this program is installed 0550, as suggested
by christos@. The comment reads:
# This program is set 0550 because, as security(8) states, it has
# the potential to deplete kernel memory, under certain conditions.
|
| 1.2 |
08-Feb-2007 |
elad |
Install paxctl(8) as 0550.
|
| 1.1 |
30-Jan-2007 |
elad |
branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
|
Revision tags: perseant-exfatfs-base-20250801 netbsd-11-base perseant-exfatfs-base-20240630 perseant-exfatfs-base
|
|
| 1.22 |
21-Aug-2023 |
dholland |
paxctl(8): it is not a bug that paxctl settings are persistent.
Nor is it a bug that they're applied to the file rather than stored in
some magic secret database where they survive reinstalls, which the
prior wording seems to suggest was the eventual intention.
It is worth noting that they change the target file, so still say that.
|
| 1.21 |
16-Aug-2023 |
gutteridge |
paxctl.8: minor grammar/style corrections
|
| 1.20 |
23-Jun-2023 |
uwe |
paxctl(8): brush up
Tell the user how to list flags right away, not at the very end.
Do not repeat "for the program" 6 times for each flag letter, it's a
noise by itself already and the italics of .Ar program exacerbates it.
Make the list of flags compact but manually add breaks between the
pairs of enable/disable flags.
|
| 1.19 |
23-Jun-2023 |
uwe |
paxctl(8): fix markup
|
| 1.18 |
23-Jun-2023 |
wiz |
Use Fl for options.
|
| 1.17 |
23-Jun-2023 |
rin |
paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
|
|
Revision tags: netbsd-8-3-RELEASE netbsd-9-4-RELEASE netbsd-10-base netbsd-9-3-RELEASE cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 netbsd-9-2-RELEASE cjep_staticlib_x-base netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
|
| 1.16 |
08-Nov-2016 |
wiz |
branches: 1.16.24;
New sentence, new line.
|
| 1.15 |
08-Nov-2016 |
pgoyette |
Merge changes from David H. Gutteridge in PR misc/51612
Thanks!
|
|
Revision tags: pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 tls-maxphys-base
|
|
| 1.14 |
18-Mar-2014 |
riastradh |
branches: 1.14.4; 1.14.8; 1.14.10;
Merge riastradh-drm2 to HEAD.
|
|
Revision tags: riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1
|
|
| 1.13 |
20-Jul-2013 |
wiz |
Use Mt for email addresses.
|
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE yamt-pagecache-tag8 netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE riastradh-drm2-base netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 agc-symver-base netbsd-6-1-RC2 netbsd-6-1-RC1 yamt-pagecache-base8 netbsd-6-0-1-RELEASE yamt-pagecache-base7 matt-nb6-plus-nbase yamt-pagecache-base6 netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base
|
|
| 1.12 |
28-Apr-2011 |
wiz |
branches: 1.12.4; 1.12.10; 1.12.14;
security(7), not (8).
|
|
Revision tags: bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231 matt-premerge-20091211
|
|
| 1.11 |
17-Sep-2009 |
plunky |
offer some actual information about what PaX might be, and provide
tips for further reading.
|
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2
|
|
| 1.10 |
11-Aug-2008 |
christos |
try to handle different byte orders.
|
|
Revision tags: wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-nbase keiichi-mipv6-base matt-armv6-nbase hpcarm-cleanup-base
|
|
| 1.9 |
11-Feb-2008 |
elad |
branches: 1.9.6;
Add Christos to the AUTHORS section.
|
| 1.8 |
11-Feb-2008 |
elad |
There's no use for the '-l' flag, so don't document it. Viewing PaX flags
is done by issuing "paxctl file" with no flags, so note that it the
man-page instead.
From Michal Spacek, thanks!
|
|
Revision tags: matt-armv6-base
|
|
| 1.7 |
26-Dec-2007 |
christos |
Document ASLR
|
|
Revision tags: cube-autoconf-base
|
|
| 1.6 |
08-Dec-2007 |
christos |
We should be able to operate on more than one file, like other unix tools.
|
|
Revision tags: matt-armv6-prevmlocking
|
|
| 1.5 |
20-Aug-2007 |
perry |
branches: 1.5.2;
Never use "utilize". It means exactly the same thing as "use", but it
is longer and more cumbersome. It can always be replaced with "use"
without any change in meaning.
|
|
Revision tags: matt-mips64-base
|
|
| 1.4 |
19-May-2007 |
wiz |
Sort sections. Use Po/Pc to avoid weird Xr arguments.
|
| 1.3 |
04-Mar-2007 |
christos |
it is segvguard.
|
| 1.2 |
04-Mar-2007 |
christos |
Say that Servguard will use fileassoc in the future. From Elad.
|
| 1.1 |
30-Jan-2007 |
elad |
branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
|
Revision tags: perseant-exfatfs-base-20250801 netbsd-11-base perseant-exfatfs-base-20240630 perseant-exfatfs-base
|
|
| 1.13 |
23-Jun-2023 |
rin |
paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
|
|
Revision tags: netbsd-8-3-RELEASE netbsd-9-4-RELEASE netbsd-10-base netbsd-9-3-RELEASE cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 netbsd-9-2-RELEASE cjep_staticlib_x-base netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 netbsd-7-2-RELEASE pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 netbsd-7-1-2-RELEASE pgoyette-compat-base netbsd-7-1-1-RELEASE matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-7-base yamt-pagecache-base9 yamt-pagecache-tag8 netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 agc-symver-base netbsd-6-1-RC2 netbsd-6-1-RC1 yamt-pagecache-base8 netbsd-6-0-1-RELEASE yamt-pagecache-base7 matt-nb6-plus-nbase yamt-pagecache-base6 netbsd-6-0-RELEASE netbsd-6-0-RC2 tls-maxphys-base matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231 matt-premerge-20091211
|
|
| 1.12 |
27-Oct-2009 |
christos |
branches: 1.12.56;
PR/42239: M. Levinson: paxctl(8) fails since binutils 2.19.1 upgrade
binutils-2.19.1 tries to create one note section for all adjacent loadable
note sections, instead of the old behavior where each note is in its own
section. The fix looks at the section headers instead of the program headers
for the note.
|
|
Revision tags: jym-xensuspend-nbase jym-xensuspend-base
|
|
| 1.11 |
02-May-2009 |
christos |
easier done with a goto instead of closing in each error.
|
| 1.10 |
02-May-2009 |
elad |
PR/41332: Jason V. Miller: paxctl(8) leaks file descriptors
Always close(fd) before returning.
Thanks for the report!
|
| 1.9 |
18-Jan-2009 |
lukem |
branches: 1.9.2;
fix -Wsign-compare issues
|
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 netbsd-5-base matt-mips64-base2 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2
|
|
| 1.8 |
11-Aug-2008 |
christos |
try to handle different byte orders.
|
|
Revision tags: wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-nbase keiichi-mipv6-base matt-armv6-nbase matt-armv6-base hpcarm-cleanup-base
|
|
| 1.7 |
26-Dec-2007 |
christos |
branches: 1.7.6;
Allow turning ASLR on and off.
|
| 1.6 |
24-Dec-2007 |
elad |
Fix typos:
- Mprotect -> MPROTECT
- Servguard -> Segvguard
While here, pad values.
|
| 1.5 |
15-Dec-2007 |
perry |
convert __attribute__s to applicable cdefs.h macros
|
|
Revision tags: cube-autoconf-base
|
|
| 1.4 |
11-Dec-2007 |
christos |
fix usage to say we can take multiple files.
|
| 1.3 |
08-Dec-2007 |
christos |
We should be able to operate on more than one file, like other unix tools.
|
|
Revision tags: matt-armv6-prevmlocking matt-mips64-base
|
|
| 1.2 |
24-Jun-2007 |
christos |
branches: 1.2.4;
Use an elf note to handle pax arguments. This is a temporary solution to
avoid wasting OS flag bits. In the future we'll probably use fileassoc to
achieve this (once there is a way to make fileassoc persistent) or in the
shorter term libelf, so that we can add and remove the note on demand instead
of burning bits on each binary. Of course since this is a tool, this means
that we'll need to think about how to handle libelf...
|
| 1.1 |
30-Jan-2007 |
elad |
branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|