| History log of /src/usr.sbin/paxctl |
| Revision | Date | Author | Comments |
| 1.6 | 22-Apr-2009 |
lukem | Enable WARNS=4 by default, except for:
cpuctl dumplfs hprop ipf iprop-log kadmin kcm kdc kdigest
kimpersonate kstash ktutil makefs ndbootd ntp pppd quot
racoon racoonctl rtadvd sntp sup tcpdchk tcpdmatch tcpdump
traceroute traceroute6 user veriexecgen wsmoused zic
(Mostly third-party applications)
|
| 1.5 | 11-Aug-2008 |
christos | branches: 1.5.6;
try to handle different byte orders.
|
| 1.4 | 08-Feb-2007 |
elad | branches: 1.4.12;
revert previouses
|
| 1.3 | 08-Feb-2007 |
elad | Add a comment indicating why this program is installed 0550, as suggested
by christos@. The comment reads:
# This program is set 0550 because, as security(8) states, it has
# the potential to deplete kernel memory, under certain conditions.
|
| 1.2 | 08-Feb-2007 |
elad | Install paxctl(8) as 0550.
|
| 1.1 | 30-Jan-2007 |
elad | branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.2 | 06-Feb-2007 |
tron | Pull up following revision(s) (requested by elad in ticket #396):
distrib/sets/lists/base/mi: revision 1.685
usr.sbin/paxctl/Makefile: revision 1.1
usr.bin/Makefile: revision 1.156
usr.sbin/paxctl/paxctl.c: revision 1.1
usr.bin/paxctl/paxctl.1: file removal
usr.sbin/paxctl/paxctl.8: revision 1.1
distrib/sets/lists/comp/mi: revision 1.995
usr.bin/paxctl/Makefile: file removal
distrib/sets/lists/man/mi: revision 1.971
usr.bin/paxctl/paxctl.c: file removal
usr.sbin/Makefile: revision 1.225
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.1 | 30-Jan-2007 |
tron | file Makefile was added on branch netbsd-4 on 2007-02-06 22:20:42 +0000
|
| 1.4.12.1 | 18-Sep-2008 |
wrstuden | Sync with wrstuden-revivesa-base-2.
|
| 1.5.6.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.22 | 21-Aug-2023 |
dholland | paxctl(8): it is not a bug that paxctl settings are persistent.
Nor is it a bug that they're applied to the file rather than stored in
some magic secret database where they survive reinstalls, which the
prior wording seems to suggest was the eventual intention.
It is worth noting that they change the target file, so still say that.
|
| 1.21 | 16-Aug-2023 |
gutteridge | paxctl.8: minor grammar/style corrections
|
| 1.20 | 23-Jun-2023 |
uwe | paxctl(8): brush up
Tell the user how to list flags right away, not at the very end.
Do not repeat "for the program" 6 times for each flag letter, it's a
noise by itself already and the italics of .Ar program exacerbates it.
Make the list of flags compact but manually add breaks between the
pairs of enable/disable flags.
|
| 1.19 | 23-Jun-2023 |
uwe | paxctl(8): fix markup
|
| 1.18 | 23-Jun-2023 |
wiz | Use Fl for options.
|
| 1.17 | 23-Jun-2023 |
rin | paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
|
| 1.16 | 08-Nov-2016 |
wiz | branches: 1.16.24;
New sentence, new line.
|
| 1.15 | 08-Nov-2016 |
pgoyette | Merge changes from David H. Gutteridge in PR misc/51612
Thanks!
|
| 1.14 | 18-Mar-2014 |
riastradh | branches: 1.14.4; 1.14.8; 1.14.10;
Merge riastradh-drm2 to HEAD.
|
| 1.13 | 20-Jul-2013 |
wiz | Use Mt for email addresses.
|
| 1.12 | 28-Apr-2011 |
wiz | branches: 1.12.4; 1.12.10; 1.12.14;
security(7), not (8).
|
| 1.11 | 17-Sep-2009 |
plunky | offer some actual information about what PaX might be, and provide
tips for further reading.
|
| 1.10 | 11-Aug-2008 |
christos | try to handle different byte orders.
|
| 1.9 | 11-Feb-2008 |
elad | branches: 1.9.6;
Add Christos to the AUTHORS section.
|
| 1.8 | 11-Feb-2008 |
elad | There's no use for the '-l' flag, so don't document it. Viewing PaX flags
is done by issuing "paxctl file" with no flags, so note that it the
man-page instead.
From Michal Spacek, thanks!
|
| 1.7 | 26-Dec-2007 |
christos | Document ASLR
|
| 1.6 | 08-Dec-2007 |
christos | We should be able to operate on more than one file, like other unix tools.
|
| 1.5 | 20-Aug-2007 |
perry | branches: 1.5.2;
Never use "utilize". It means exactly the same thing as "use", but it
is longer and more cumbersome. It can always be replaced with "use"
without any change in meaning.
|
| 1.4 | 19-May-2007 |
wiz | Sort sections. Use Po/Pc to avoid weird Xr arguments.
|
| 1.3 | 04-Mar-2007 |
christos | it is segvguard.
|
| 1.2 | 04-Mar-2007 |
christos | Say that Servguard will use fileassoc in the future. From Elad.
|
| 1.1 | 30-Jan-2007 |
elad | branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.2 | 06-Feb-2007 |
tron | Pull up following revision(s) (requested by elad in ticket #396):
distrib/sets/lists/base/mi: revision 1.685
usr.sbin/paxctl/Makefile: revision 1.1
usr.bin/Makefile: revision 1.156
usr.sbin/paxctl/paxctl.c: revision 1.1
usr.bin/paxctl/paxctl.1: file removal
usr.sbin/paxctl/paxctl.8: revision 1.1
distrib/sets/lists/comp/mi: revision 1.995
usr.bin/paxctl/Makefile: file removal
distrib/sets/lists/man/mi: revision 1.971
usr.bin/paxctl/paxctl.c: file removal
usr.sbin/Makefile: revision 1.225
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.1 | 30-Jan-2007 |
tron | file paxctl.8 was added on branch netbsd-4 on 2007-02-06 22:20:42 +0000
|
| 1.5.2.2 | 23-Mar-2008 |
matt | sync with HEAD
|
| 1.5.2.1 | 09-Jan-2008 |
matt | sync with HEAD
|
| 1.9.6.1 | 18-Sep-2008 |
wrstuden | Sync with wrstuden-revivesa-base-2.
|
| 1.12.14.1 | 23-Jul-2013 |
riastradh | sync with HEAD
|
| 1.12.10.1 | 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.12.4.1 | 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.14.10.1 | 18-Jan-2017 |
skrll | Sync with netbsd-5
|
| 1.14.8.1 | 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.14.4.1 | 18-Dec-2016 |
snj | Pull up following revision(s) (requested by riastradh in ticket #1313):
usr.sbin/paxctl/paxctl.8: revision 1.15
Merge changes from David H. Gutteridge in PR misc/51612
Thanks!
|
| 1.16.24.1 | 27-Jun-2023 |
martin | Pull up following revision(s) (requested by rin in ticket #215):
usr.sbin/paxctl/paxctl.8: revision 1.17
usr.sbin/paxctl/paxctl.8: revision 1.18
usr.bin/crunch/crunchgen/crunchgen.c: revision 1.95
usr.sbin/paxctl/paxctl.c: revision 1.13
paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
crunchgen(1): Clear PaX flags instead of removing its ELF note section.
The latter results in zero-filled hole in ELF note segment for EARM,
where PaX section is not located the bottom of that segment (see
src/lib/csu/sysident.S). Fortunately, this hole does not cause real
harms for our in-kernel ELF note parser, except for noisy warnings on
DIAGNOSTIC kernels.
Bump CRUNCH_VERSION.
PR toolchain/52675
Use Fl for options.
|
| 1.13 | 23-Jun-2023 |
rin | paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
|
| 1.12 | 27-Oct-2009 |
christos | branches: 1.12.56;
PR/42239: M. Levinson: paxctl(8) fails since binutils 2.19.1 upgrade
binutils-2.19.1 tries to create one note section for all adjacent loadable
note sections, instead of the old behavior where each note is in its own
section. The fix looks at the section headers instead of the program headers
for the note.
|
| 1.11 | 02-May-2009 |
christos | easier done with a goto instead of closing in each error.
|
| 1.10 | 02-May-2009 |
elad | PR/41332: Jason V. Miller: paxctl(8) leaks file descriptors
Always close(fd) before returning.
Thanks for the report!
|
| 1.9 | 18-Jan-2009 |
lukem | branches: 1.9.2;
fix -Wsign-compare issues
|
| 1.8 | 11-Aug-2008 |
christos | try to handle different byte orders.
|
| 1.7 | 26-Dec-2007 |
christos | branches: 1.7.6;
Allow turning ASLR on and off.
|
| 1.6 | 24-Dec-2007 |
elad | Fix typos:
- Mprotect -> MPROTECT
- Servguard -> Segvguard
While here, pad values.
|
| 1.5 | 15-Dec-2007 |
perry | convert __attribute__s to applicable cdefs.h macros
|
| 1.4 | 11-Dec-2007 |
christos | fix usage to say we can take multiple files.
|
| 1.3 | 08-Dec-2007 |
christos | We should be able to operate on more than one file, like other unix tools.
|
| 1.2 | 24-Jun-2007 |
christos | branches: 1.2.4;
Use an elf note to handle pax arguments. This is a temporary solution to
avoid wasting OS flag bits. In the future we'll probably use fileassoc to
achieve this (once there is a way to make fileassoc persistent) or in the
shorter term libelf, so that we can add and remove the note on demand instead
of burning bits on each binary. Of course since this is a tool, this means
that we'll need to think about how to handle libelf...
|
| 1.1 | 30-Jan-2007 |
elad | branches: 1.1.2;
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.3 | 09-Jul-2007 |
liamjfoy | Pull up following revision(s) (requested by christos in ticket #755):
sys/sys/pax.h: revision 1.9
sys/sys/exec_elf.h: revision 1.90
usr.sbin/paxctl/paxctl.c: revision 1.2
sys/kern/kern_pax.c: revision 1.16
sys/sys/exec.h: revision 1.117
sys/kern/exec_elf32.c: revision 1.124
libexec/ld.elf_so/sysident.h: revision 1.14
Use an elf note to handle pax arguments. This is a temporary solution to
avoid wasting OS flag bits. In the future we'll probably use fileassoc to
achieve this (once there is a way to make fileassoc persistent) or in the
shorter term libelf, so that we can add and remove the note on demand instead
of burning bits on each binary. Of course since this is a tool, this means
that we'll need to think about how to handle libelf...
|
| 1.1.2.2 | 06-Feb-2007 |
tron | branches: 1.1.2.2.2;
Pull up following revision(s) (requested by elad in ticket #396):
distrib/sets/lists/base/mi: revision 1.685
usr.sbin/paxctl/Makefile: revision 1.1
usr.bin/Makefile: revision 1.156
usr.sbin/paxctl/paxctl.c: revision 1.1
usr.bin/paxctl/paxctl.1: file removal
usr.sbin/paxctl/paxctl.8: revision 1.1
distrib/sets/lists/comp/mi: revision 1.995
usr.bin/paxctl/Makefile: file removal
distrib/sets/lists/man/mi: revision 1.971
usr.bin/paxctl/paxctl.c: file removal
usr.sbin/Makefile: revision 1.225
Move paxctl from usr.bin/paxctl to usr.sbin/paxctl, and make it an admin
tool (man-page moved from section 1 to section 8).
|
| 1.1.2.1 | 30-Jan-2007 |
tron | branches: 1.1.2.1.2;
file paxctl.c was added on branch netbsd-4 on 2007-02-06 22:20:42 +0000
|
| 1.1.2.2.2.1 | 03-Sep-2007 |
wrstuden | Sync w/ NetBSD-4-RC_1
|
| 1.1.2.1.2.1 locked by: joerg; | 30-Jan-2007 |
wrstuden | file paxctl.c was added on branch netbsd-4 on 2007-09-03 07:05:42 +0000
|
| 1.2.4.1 | 09-Jan-2008 |
matt | sync with HEAD
|
| 1.7.6.1 | 18-Sep-2008 |
wrstuden | Sync with wrstuden-revivesa-base-2.
|
| 1.9.2.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.12.56.1 | 27-Jun-2023 |
martin | Pull up following revision(s) (requested by rin in ticket #215):
usr.sbin/paxctl/paxctl.8: revision 1.17
usr.sbin/paxctl/paxctl.8: revision 1.18
usr.bin/crunch/crunchgen/crunchgen.c: revision 1.95
usr.sbin/paxctl/paxctl.c: revision 1.13
paxctl(8): Introduce -0 option to clear all PaX flag bits in ELF note.
Part of PR toolchain/52675
crunchgen(1): Clear PaX flags instead of removing its ELF note section.
The latter results in zero-filled hole in ELF note segment for EARM,
where PaX section is not located the bottom of that segment (see
src/lib/csu/sysident.S). Fortunately, this hole does not cause real
harms for our in-kernel ELF note parser, except for noisy warnings on
DIAGNOSTIC kernels.
Bump CRUNCH_VERSION.
PR toolchain/52675
Use Fl for options.
|
