| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Coverity CID 301785: check return value of remove() although it is not necessary | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301781: fixed wrong if clause for socket() return value check | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301775: check for valid fd before close() | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301780: fixed missing break (that was on purpose by the dev but ↵ | Toni Uhlig | 2018-07-18 |
| | | | | | | | obv it does not make sense) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301773: out-of-bounds array access fixed (false positive anyway) | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301774: do not call any log function after chroot but before ↵ | Toni Uhlig | 2018-07-18 |
| | | | | | | | chdir("/") Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301779: check return value of chmod() | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301779: fixed fd leak | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Copyright info updated | Toni Uhlig | 2018-07-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Coverity CID 301781: fixed resource leak when ioctl fails | Toni Uhlig | 2018-07-17 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | selftest: test jail/sandbox during startup or with --test | lns | 2018-07-17 |
| | | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | selftest: check existence of additional directories | Toni Uhlig | 2018-07-16 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | selftest: print detailed error if file/dir checks fail | Toni Uhlig | 2018-07-16 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | selftest: added valgrind check and print warning | Toni Uhlig | 2018-07-16 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | more copyright informations | Toni Uhlig | 2018-07-11 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | updated copyright informations | Toni Uhlig | 2018-07-11 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added logging priority 'PROTOCOL' for protocol speicific data | Toni Uhlig | 2018-06-28 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | zero out mmap'd memory | Toni Uhlig | 2018-06-28 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | protocol ssh max session limit | Toni Uhlig | 2018-06-27 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | protocol ssh login cache [+] login probability | Toni Uhlig | 2018-06-27 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | logging pid rjust | Toni Uhlig | 2018-06-25 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | improved daemon multi process (exit) signal handling e.g. do not send double ↵ | Toni Uhlig | 2018-06-25 |
| | | | | | | | SIGTERMs/SIGHUPs Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | fixed long-term libssh pki-keygen bug, EMPTY PASSPHRASE is NOT an EMPTY ↵ | Toni Uhlig | 2018-06-25 |
| | | | | | | | STRING ("") instead it is a NULL-Pointer if libssh version >0.7.3 Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | libseccomp is now optional but still recommended | Toni Uhlig | 2018-06-25 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | improved debug output while changing user/group | Toni Uhlig | 2018-06-24 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | BUG: replaced pthread_detach with pthread_attr_setdetachstate to fix ↵ | Toni Uhlig | 2018-06-24 |
| | | | | | | | possible SIGSEGVs on ARM platforms Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added backtrace support on SIGSEGV | Toni Uhlig | 2018-06-24 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added seccomp blacklisted syscalls: ioperm, iopl | Toni Uhlig | 2018-06-24 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | fixed buffer overwrite by libc functions basename/dirname, open(...) should ↵ | Toni Uhlig | 2018-06-24 |
| | | | | | | | set mode to 0 instead of ignoring it Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added timestamps in log_colored and log_file modules | Toni Uhlig | 2018-06-24 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | fixed valgrind mount complaints (does not like NULL as src/fstype) | Toni Uhlig | 2018-06-23 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | fixed blacklisting issues after safe_chroot, main jail-client process does ↵ | Toni Uhlig | 2018-06-23 |
| | | | | | | | not chroot anymore Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | improved filesystem managment (blacklisting, mounting read-only/read-write ↵ | Toni Uhlig | 2018-06-23 |
| | | | | | | | objects), improved jail/pty handling Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | introduced firejail alike filesystem managment (modified source from firejail) | Toni Uhlig | 2018-06-21 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | several minor bugfixes | Toni Uhlig | 2018-06-21 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added options OPT_SSH_RUN_DIR,OPT_CHUSER,OPT_CHGROUP required for setting ↵ | Toni Uhlig | 2018-06-20 |
| | | | | | | | correct permissions for ssh key files Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | autotools overhaul | Toni Uhlig | 2018-06-19 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | autoconf: proper extra CFLAG check/handling e.g. -f* and ↵ | Toni Uhlig | 2018-06-18 |
| | | | | | | | inter-library-dependency checks, snprintf m4 should not fail if xcompiling Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | seccomp: allow socket syscall in jail | Toni Uhlig | 2018-06-18 |
| | | | | | | | setup namespaces: old valgrind versions dont support the setns syscall, so use unshare if previous failed Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | check if a file path is an mountpoint (not only directories) | Toni Uhlig | 2018-06-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | autoconf script checks for -std=gnu99 and secure_getenv availability | Toni Uhlig | 2018-06-18 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | flawfinder ignores now seccomp syscall definitions | Toni Uhlig | 2018-06-17 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | replaced getenv with secure_getenv | Toni Uhlig | 2018-06-17 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added --test to test essential app functions (more in future) during ↵ | Toni Uhlig | 2018-06-17 |
| | | | | | | | startup/gitlab Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | added snprintf autoconf and runtime check | Toni Uhlig | 2018-06-17 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | jail multiple netns mount fix | Toni Uhlig | 2018-06-17 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | - zero out struct ifr | lns | 2018-06-13 |
| | | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | POTD skeleton. | lns | 2018-06-13 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Initial commit. | Toni Uhlig | 2018-04-07 |
| Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||