15488 libbsm: storing the address of local variableReviewed by: Dan Cross <cross@oxidecomputer.com>Approved by: Robert Mustacchi <rm@fingolfin.org>
16040 auditing could be calmer about translation of nodename to IP addressReviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Ryan Goodfellow
16040 auditing could be calmer about translation of nodename to IP addressReviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Ryan Goodfellow <ryan.goodfellow@oxide.computer>Approved by: Dan McDonald <danmcd@mnx.io>
show more ...
15290 lib: remove pragma identReviewed by: Garrett D'Amore <garrett@damore.org>Reviewed by: Igor Kozhukhov <igor@dilos.org>Reviewed by: Dan Cross <cross@oxidecomputer.com>Approved by: Patrick Moo
15290 lib: remove pragma identReviewed by: Garrett D'Amore <garrett@damore.org>Reviewed by: Igor Kozhukhov <igor@dilos.org>Reviewed by: Dan Cross <cross@oxidecomputer.com>Approved by: Patrick Mooney <pmooney@pfmooney.com>
2271 CIFS clients fail to authenticate when idmap is using IDMUReviewed by: Gordon Ross <gordon.w.ross@gmail.com>Approved by: Dan McDonald <danmcd@mnx.io>
14443 resection manual pages per IPD4Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy
14443 resection manual pages per IPD4Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy Fiddaman <andy@omnios.org>Approved by: Dan McDonald <danmcd@joyent.com>
11826 Buffer overflow and memory leak in "libbsm"Reviewed by: Andy Fiddaman <andy@omniosce.org>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Toomas Soome <tsoome@me.com>Approved by
11826 Buffer overflow and memory leak in "libbsm"Reviewed by: Andy Fiddaman <andy@omniosce.org>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Toomas Soome <tsoome@me.com>Approved by: Dan McDonald <danmcd@joyent.com>
11148 libbsm: NULL pointer errorsReviewed by: John Levon <john.levon@joyent.com>Reviewed by: Sebastian Wiedenroth <sebastian.wiedenroth@skylime.net>Approved by: Richard Lowe <richlowe@richlowe.net>
10361 usr/lib - stop lint library generation and packagingReviewed by: Jason King <jason.king@joyent.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Frederik Wessels <wessels1
10361 usr/lib - stop lint library generation and packagingReviewed by: Jason King <jason.king@joyent.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Frederik Wessels <wessels147@gmail.com>Approved by: Dan McDonald <danmcd@joyent.com>
9149 libbsm: comparison between pointer and zero character constantReviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>Reviewed by: Albert Lee <trisk@forkgnu.org>Approved by: Dan McDonald <danmcd@j
9149 libbsm: comparison between pointer and zero character constantReviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>Reviewed by: Albert Lee <trisk@forkgnu.org>Approved by: Dan McDonald <danmcd@joyent.com>
8885 64-bit libbsm:adt_do_ipv[46]_address creates non-compressible at_port.Reviewed by: Dominik Hassler <hadfl@omniosce.org>Reviewed by: Dan McDonald <danmcd@joyent.com>Reviewed by: Robert Mustacc
8885 64-bit libbsm:adt_do_ipv[46]_address creates non-compressible at_port.Reviewed by: Dominik Hassler <hadfl@omniosce.org>Reviewed by: Dan McDonald <danmcd@joyent.com>Reviewed by: Robert Mustacchi <rm@joyent.com>Approved by: Dan McDonald <danmcd@joyent.com>
7812 Remove gender specific languageReviewed by: Matt Ahrens <mahrens@delphix.com>Reviewed by: Prakash Surya <prakash.surya@delphix.com>Reviewed by: Steve Gonczi <steve.gonczi@delphix.com>Reviewe
7812 Remove gender specific languageReviewed by: Matt Ahrens <mahrens@delphix.com>Reviewed by: Prakash Surya <prakash.surya@delphix.com>Reviewed by: Steve Gonczi <steve.gonczi@delphix.com>Reviewed by: Chris Williamson <chris.williamson@delphix.com>Reviewed by: George Wilson <george.wilson@delphix.com>Reviewed by: Igor Kozhukhov <igor@dilos.org>Reviewed by: Dan McDonald <danmcd@omniti.com>Reviewed by: Robert Mustacchi <rm@joyent.com>Approved by: Richard Lowe <richlowe@richlowe.net>
7029 want per-process exploit mitigation features (secflags)7030 want basic address space layout randomization (ASLR)7031 noexec_user_stack should be a security-flag7032 want a means to forbid map
7029 want per-process exploit mitigation features (secflags)7030 want basic address space layout randomization (ASLR)7031 noexec_user_stack should be a security-flag7032 want a means to forbid mappings around NULLReviewed by: Robert Mustacchi <rm@joyent.com>Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>Reviewed by: Patrick Mooney <pmooney@joyent.com>Approved by: Dan McDonald <danmcd@omniti.com>
171 adt_get_mask_from_user frees memory before it's used172 duplicate free in gss_accept_sec_context173 duplicate free in spnego_gss_accept_sec_contextReviewed by: gordon.w.ross@gmail.comReviewed
171 adt_get_mask_from_user frees memory before it's used172 duplicate free in gss_accept_sec_context173 duplicate free in spnego_gss_accept_sec_contextReviewed by: gordon.w.ross@gmail.comReviewed by: garrett@nexenta.comApproved by: garrett@nexenta.com
6884631 ilb code needs to utilize the audit tokens types of in_remote iport for server address and ports
6953290 adt_load_ttyname/adt_load_hostname should report ENETDOWN if there are no interfaces
PSARC/2009/636 Obsolete getacinfo(3bsm)PSARC/2009/642 audit_control(4) EOL and removalPSARC/2010/218 Audit subsystem Rights ProfilesPSARC/2010/220 svc:/system/auditset service6875456 Solaris Audi
PSARC/2009/636 Obsolete getacinfo(3bsm)PSARC/2009/642 audit_control(4) EOL and removalPSARC/2010/218 Audit subsystem Rights ProfilesPSARC/2010/220 svc:/system/auditset service6875456 Solaris Audit configuration in SMF - phase 2 (PSARC/2009/636, PSARC/2009/642)6942035 audit_binfile(5) leaves unfinished audit logs.6942041 auditd(1) says "auditd refreshed" on startup.6943275 audit_remote(5) leaks memory on audit service refresh6955077 adt_get_mask_from_user() should regard _SC_GETPW_R_SIZE_MAX6955117 $SRC/lib/libbsm/common/audit_ftpd.c shouldn't hardcode the lenght of usernames (8)6956169 adt_audit_state() returns non-boolean values--HG--rename : usr/src/cmd/auditconfig/auditconfig_impl.h => usr/src/lib/libbsm/common/audit_policy.hrename : usr/src/cmd/auditconfig/audit_scf.c => usr/src/lib/libbsm/common/audit_scf.crename : usr/src/cmd/auditconfig/audit_scf.h => usr/src/lib/libbsm/common/audit_scf.h
PSARC/2010/003 EOL and removal of audit_user(4) and getauusernam(3bsm)6914742 remove audit_user phase 1 PSARC/2010/003 EOL and removal of audit_user(4) and getauusernam(3bsm)
6916796 OSnet mapfiles should use version 2 link-editor syntax--HG--rename : usr/src/cmd/sgs/libelf/common/mapfile-common => usr/src/cmd/sgs/libelf/common/mapfile-versrename : usr/src/cmd/sgs/lin
6916796 OSnet mapfiles should use version 2 link-editor syntax--HG--rename : usr/src/cmd/sgs/libelf/common/mapfile-common => usr/src/cmd/sgs/libelf/common/mapfile-versrename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-bindings => usr/src/cmd/sgs/link_audit/common/mapfile-vers-bindingsrename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-perfcnt => usr/src/cmd/sgs/link_audit/common/mapfile-vers-perfcntrename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-symbindrep => usr/src/cmd/sgs/link_audit/common/mapfile-vers-symbindreprename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-truss => usr/src/cmd/sgs/link_audit/common/mapfile-vers-trussrename : usr/src/cmd/sgs/link_audit/i386/mapfile-vers-who => usr/src/cmd/sgs/link_audit/common/mapfile-vers-whorename : usr/src/common/mapfiles/i386/map.noexdata => usr/src/common/mapfiles/common/map.noexdatarename : usr/src/lib/libaio/sparc/mapfile-vers => usr/src/lib/libaio/common/mapfile-versrename : usr/src/lib/libelfsign/common/mapfile.map => usr/src/lib/libelfsign/common/mapfile-versrename : usr/src/lib/libpthread/sparc/mapfile-vers => usr/src/lib/libpthread/common/mapfile-versrename : usr/src/lib/librt/amd64/mapfile-vers => usr/src/lib/librt/common/mapfile-versrename : usr/src/lib/libsys/sparc/mapfile-vers => usr/src/lib/libsys/common/mapfile-versrename : usr/src/lib/libthread/sparc/mapfile-vers => usr/src/lib/libthread/common/mapfile-vers
6948751 $SRC/lib/libbsm/common/audit_class.c needs some cleanup.
6946546 Fix for 6868082 devfsadm must rely on device_maps breaks add_allocatable on Trusted Extensions
6946518 There is no way to validate that audit flags are valid6946529 getauditflagschar and getauclassnam may not operate properly with maximum size class names6927607 getauditflags.c:getauditflags
6946518 There is no way to validate that audit flags are valid6946529 getauditflagschar and getauclassnam may not operate properly with maximum size class names6927607 getauditflags.c:getauditflagsbin() needs boundary checking.
6940699 no reboot audit leaves auditd disabled across reboot.
6935410 setting audit context when audit is not enabled should be more tolerant of getaddrinfo failure
6939427 core dump in adr_char: au_close should check return from malloc
6914628 Implement the user object audit token PSARC/2010/001 User object audit tokenPSARC/2010/001 User object audit token6580704 passwd gww produces a less optimal audit record.
12345