From owner-svn-soc-all@FreeBSD.ORG Tue Jun 18 17:08:09 2013 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 2B90152E for ; Tue, 18 Jun 2013 17:08:09 +0000 (UTC) (envelope-from dpl@FreeBSD.org) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::16:124]) by mx1.freebsd.org (Postfix) with ESMTP id 0DE481863 for ; Tue, 18 Jun 2013 17:08:09 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.7/8.14.7) with ESMTP id r5IH88Ix031954 for ; Tue, 18 Jun 2013 17:08:08 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.7/8.14.6/Submit) id r5IH88F3031951 for svn-soc-all@FreeBSD.org; Tue, 18 Jun 2013 17:08:08 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 18 Jun 2013 17:08:08 GMT Message-Id: <201306181708.r5IH88F3031951@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f 
From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r253197 - in soc2013/dpl/head: contrib/bzip2 usr.bin/bzip2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Jun 2013 17:08:09 -0000 Author: dpl Date: Tue Jun 18 17:08:08 2013 New Revision: 253197 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=253197 Log: Now we work in capability mode, with the theoretical minimum rights. Modified: soc2013/dpl/head/contrib/bzip2/bzip2.c soc2013/dpl/head/usr.bin/bzip2/Makefile Modified: soc2013/dpl/head/contrib/bzip2/bzip2.c ============================================================================== --- soc2013/dpl/head/contrib/bzip2/bzip2.c Tue Jun 18 16:36:21 2013 (r253196) +++ soc2013/dpl/head/contrib/bzip2/bzip2.c Tue Jun 18 17:08:08 2013 (r253197) @@ -88,7 +88,6 @@ # define SET_BINARY_MODE(fd) /**/ -/* Capsicum Support */ # ifdef __FreeBSD__ # include # if __FreeBSD_version >= 900041 @@ -972,6 +971,9 @@ FILE* fp; IntNative fh; fh = open(name, O_WRONLY|O_CREAT|O_EXCL, S_IWUSR|S_IRUSR); +# ifdef CAPSICUM + cap_rights_limit(fh, CAP_WRITE); +# endif if (fh == -1) return NULL; fp = fdopen(fh, mode); if (fp == NULL) close(fh); @@ -1143,7 +1145,7 @@ { FILE *inStr; FILE *outStr; - Int32 n, i; + Int32 n, i, infd; struct MY_STAT statBuf; deleteOutputOnInterrupt = False; @@ -1248,7 +1250,14 @@ break; case SM_F2O: +# ifdef CAPSICUM + infd = open( inName, O_RDONLY ); + cap_rights_limit(infd, CAP_READ); + inStr = fdopen ( infd, "rb" ); +# else + infd = NULL; inStr = fopen ( inName, "rb" ); +# endif outStr = stdout; if ( isatty ( fileno ( stdout ) ) ) { fprintf ( stderr, 
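Review bot: In `fopen_output_safely` (hunk at -972) the added `cap_rights_limit(fh, CAP_WRITE)` runs before the `if (fh == -1)` test and its return value is ignored. When `open()` fails it is called on -1 and may overwrite the errno that callers print in "Can't create output file", and when the limit itself fails the descriptor stays fully privileged with no diagnostic. Move the call below the -1 check and fail closed, e.g. `if (cap_rights_limit(fh, CAP_WRITE) < 0) { close(fh); return NULL; }`. CAP_WRITE alone may also be too narrow if later code calls fstat/fchmod/fchown on this descriptor; that code and the start of the function are outside the hunk, so please confirm.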
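Review bot: The CAPSICUM branch added to the SM_F2O case (hunk at -1248) hands `infd` to `cap_rights_limit()` and `fdopen()` without checking `open()`, so on a missing or unreadable file both run on -1 and the errno reported for the input file is likely to be EBADF rather than the real cause. A failed `cap_rights_limit()` is ignored, which leaves the input descriptor unrestricted, and a failed `fdopen()` leaks the descriptor. In the `#else` branch, `infd = NULL;` assigns a pointer constant to an `Int32` that is never used afterwards. The same block is repeated in the hunks at -1269, -1434 and -1446; one helper mirroring `fopen_output_safely` would fix all four and make the `infd` local from the -1143 and -1324 hunks unnecessary. The enclosing functions start and end outside these hunks.

```c
/* Open an input file read-only and, under Capsicum, restrict the
   descriptor to CAP_READ before any stream is built on it. */
static FILE* fopen_input_safely ( Char* name, const char* mode )
{
#  ifdef CAPSICUM
   FILE*     fp;
   IntNative fh;
   int       saved;

   fh = open ( name, O_RDONLY );
   if (fh == -1) return NULL;            /* errno is still open()'s */
   if (cap_rights_limit ( fh, CAP_READ ) < 0) {
      saved = errno;                     /* fail closed, keep the cause */
      close ( fh );
      errno = saved;
      return NULL;
   }
   fp = fdopen ( fh, mode );
   if (fp == NULL) close ( fh );
   return fp;
#  else
   return fopen ( name, mode );
#  endif
}

/* ... unchanged: earlier cases of the switch ... */
      case SM_F2O:
         inStr = fopen_input_safely ( inName, "rb" );
/* ... unchanged: outStr setup and error reporting ... */
```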
@@ -1269,7 +1278,14 @@ break; case SM_F2F: +# ifdef CAPSICUM + infd = open( inName, O_RDONLY ); + cap_rights_limit(infd, CAP_READ); + inStr = fdopen ( infd, "rb" ); +# else + infd = NULL; inStr = fopen ( inName, "rb" ); +# endif outStr = fopen_output_safely ( outName, "wb" ); if ( outStr == NULL) { fprintf ( stderr, "%s: Can't create output file %s: %s.\n", @@ -1298,6 +1314,13 @@ fflush ( stderr ); } +# ifdef CAPSICUM + if (cap_enter() < 0) { + fprintf ( stderr, "%s: Couldn't enter capability mode.\n", progName ); + exit(1); + } +# endif + /*--- Now the input and output handles are sane. Do the Biz. ---*/ outputHandleJustInCase = outStr; deleteOutputOnInterrupt = True; @@ -1324,7 +1347,7 @@ { FILE *inStr; FILE *outStr; - Int32 n, i; + Int32 n, i, infd; Bool magicNumberOK; Bool cantGuess; struct MY_STAT statBuf; @@ -1434,7 +1457,14 @@ break; case SM_F2O: +# ifdef CAPSICUM + infd = open( inName, O_RDONLY ); + cap_rights_limit(infd, CAP_READ); + inStr = fdopen ( infd, "rb" ); +# else + infd = NULL; inStr = fopen ( inName, "rb" ); +# endif outStr = stdout; if ( inStr == NULL ) { fprintf ( stderr, "%s: Can't open input file %s:%s.\n", @@ -1446,7 +1476,14 @@ break; case SM_F2F: +# ifdef CAPSICUM + infd = open( inName, O_RDONLY ); + cap_rights_limit(infd, CAP_READ); + inStr = fdopen ( infd, "rb" ); +# else + infd = NULL; inStr = fopen ( inName, "rb" ); +# endif outStr = fopen_output_safely ( outName, "wb" ); if ( outStr == NULL) { fprintf ( stderr, "%s: Can't create output file %s: %s.\n", @@ -1475,6 +1512,13 @@ fflush ( stderr ); } +# ifdef CAPSICUM + if (cap_enter() < 0) { + fprintf ( stderr, "%s: Couldn't enter capability mode.\n", progName ); + exit(1); + } +# endif + /*--- Now the input and output handles are sane. Do the Biz. ---*/ outputHandleJustInCase = outStr; deleteOutputOnInterrupt = True; 
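Review bot: Moving `cap_enter()` into this function (hunk at -1298, and again at -1475) means every path-based call made after the first file is processed runs inside capability mode. If the function is called once per file argument, as its body suggests but the hunk does not show, the `open( inName, O_RDONLY )` and `fopen_output_safely ( outName, ... )` calls for the second file would fail. Any by-name cleanup implied by `deleteOutputOnInterrupt = True` would fail the same way. Either sandbox each file in a forked child, or open a directory descriptor before `cap_enter()` and use `openat`/`unlinkat` relative to it, and record the constraint above the call with a comment such as `/* After cap_enter() no path lookups work: all descriptors must already be open. */`. The check also treats a kernel without Capsicum as fatal and hides the cause; consider `if (cap_enter() < 0 && errno != ENOSYS)` and add `strerror(errno)` to the message.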
@@ -1821,13 +1865,6 @@ # endif # endif -# ifdef CAPSICUM - if (cap_enter() < 0) { - fprintf ( stderr, "%s: Couldn't enter capability mode.\n", progName ); - exit(1); - } -# endif - copyFileName ( inName, (Char*)"(none)" ); copyFileName ( outName, (Char*)"(none)" ); Modified: soc2013/dpl/head/usr.bin/bzip2/Makefile ============================================================================== --- soc2013/dpl/head/usr.bin/bzip2/Makefile Tue Jun 18 16:36:21 2013 (r253196) +++ soc2013/dpl/head/usr.bin/bzip2/Makefile Tue Jun 18 17:08:08 2013 (r253197) @@ -22,7 +22,8 @@ CLEANFILES+= ${TESTFILES} \ sample1.rb2 sample2.rb2 sample3.rb2 \ sample1.tst sample2.tst sample3.tst \ - total total.tst samples.rb2 + total total.tst samples.rb2 \ + total.bz2 total.tst.bz2 .for f in ${REFFILES} ${f}: ${f}.gz.uu