5798 fexecve() needed per POSIX 2008Portions contributed by: Garrett D'Amore <garrett@damore.org>Reviewed by: Dan Cross <cross@oxidecomputer.com>Reviewed by: Bill Sommerfeld <sommerfeld@hamachi.or
5798 fexecve() needed per POSIX 2008Portions contributed by: Garrett D'Amore <garrett@damore.org>Reviewed by: Dan Cross <cross@oxidecomputer.com>Reviewed by: Bill Sommerfeld <sommerfeld@hamachi.org>Approved by: Gordon Ross <gordon.w.ross@gmail.com>
show more ...
15280 uts: remove pragma identReviewed by: Igor Kozhukhov <igor@dilos.org>Reviewed by: Yuri Pankov <yuri@aetern.org>Reviewed by: Marcel Telka <marcel@telka.sk>Approved by: Robert Mustacchi <rm@fi
15280 uts: remove pragma identReviewed by: Igor Kozhukhov <igor@dilos.org>Reviewed by: Yuri Pankov <yuri@aetern.org>Reviewed by: Marcel Telka <marcel@telka.sk>Approved by: Robert Mustacchi <rm@fingolfin.org>
14767 retire ksslReviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Igor Kozhukhov <igor@dilos.org>Approved by: Joshua M. Clulow <josh@sysmg
14767 retire ksslReviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Igor Kozhukhov <igor@dilos.org>Approved by: Joshua M. Clulow <josh@sysmgr.org>
14443 resection manual pages per IPD4Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy
14443 resection manual pages per IPD4Reviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Robert Mustacchi <rm@fingolfin.org>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy Fiddaman <andy@omnios.org>Approved by: Dan McDonald <danmcd@joyent.com>
12593 NULL ptr deref in door_upcall via auditctl setpolicyReviewed by: Robert Mustacchi <rm@fingolfin.org>Approved by: Richard Lowe <richlowe@richlowe.net>
11842 Want audit events for auditon(A_SETPMASK) and friendsReviewed by: John Levon <john.levon@joyent.com>Reviewed by: Andy Fiddaman <andy@omniosce.org>Approved by: Robert Mustacchi <rm@fingolfin.
11842 Want audit events for auditon(A_SETPMASK) and friendsReviewed by: John Levon <john.levon@joyent.com>Reviewed by: Andy Fiddaman <andy@omniosce.org>Approved by: Robert Mustacchi <rm@fingolfin.org>
11037 SMB File access audit logging (reserve IDs)Reviewed by: Gordon Ross <gordon.ross@nexenta.com>Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>Reviewed by: Saso Kiselkov <saso.kiselk
11037 SMB File access audit logging (reserve IDs)Reviewed by: Gordon Ross <gordon.ross@nexenta.com>Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>Reviewed by: John Levon <john.levon@joyent.com>
10758 c2audit: NULL pointer errorsReviewed by: Andy Stormont <astormont@racktopsystems.com>Reviewed by: Robert Mustacchi <rm@joyent.com>Approved by: Dan McDonald <danmcd@joyent.com>
10081 smatch indenting fixes for usr/src/utsReviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy Fiddaman <andy@omniosce.org>Approved by:
10081 smatch indenting fixes for usr/src/utsReviewed by: Toomas Soome <tsoome@me.com>Reviewed by: Peter Tribble <peter.tribble@gmail.com>Reviewed by: Andy Fiddaman <andy@omniosce.org>Approved by: Robert Mustacchi <rm@joyent.com>
9347 c2audit: comparison between pointer and zero character constantReviewed by: Andrew Stormont <andyjstormont@gmail.com>Reviewed by: Yuri Pankov <yuripv@yuripv.net>Approved by: Gordon Ross <gwr@
9347 c2audit: comparison between pointer and zero character constantReviewed by: Andrew Stormont <andyjstormont@gmail.com>Reviewed by: Yuri Pankov <yuripv@yuripv.net>Approved by: Gordon Ross <gwr@nexenta.com>
7029 want per-process exploit mitigation features (secflags)7030 want basic address space layout randomization (ASLR)7031 noexec_user_stack should be a security-flag7032 want a means to forbid map
7029 want per-process exploit mitigation features (secflags)7030 want basic address space layout randomization (ASLR)7031 noexec_user_stack should be a security-flag7032 want a means to forbid mappings around NULLReviewed by: Robert Mustacchi <rm@joyent.com>Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>Reviewed by: Patrick Mooney <pmooney@joyent.com>Approved by: Dan McDonald <danmcd@omniti.com>
1073 migrate kernel modules from ancient _depends_on to true ELF dependenciesReviewed by: Adam Leventhal <ahl@delphix.com>Reviewed by: Garrett D'Amore <garrett@nexenta.com>Approved by: Richard Low
1073 migrate kernel modules from ancient _depends_on to true ELF dependenciesReviewed by: Adam Leventhal <ahl@delphix.com>Reviewed by: Garrett D'Amore <garrett@nexenta.com>Approved by: Richard Lowe <richlowe@richlowe.net>
6925150 audit_closef() may reference unintialized variable 'getattr_ret'
6925149 auf_accept() may reference unintialized variable 'fd'
6925147 au_doorio() may reference unintialized variable 'error'
6925146 audit_cryptoadm() tests if an unsigned value is less than zero
6863313 $SRC/uts/common/c2/{adr,audit,audit_mem}.c aren't cstyle clean
PSARC/2009/636 Obsolete getacinfo(3bsm)PSARC/2009/642 audit_control(4) EOL and removalPSARC/2010/218 Audit subsystem Rights ProfilesPSARC/2010/220 svc:/system/auditset service6875456 Solaris Audi
PSARC/2009/636 Obsolete getacinfo(3bsm)PSARC/2009/642 audit_control(4) EOL and removalPSARC/2010/218 Audit subsystem Rights ProfilesPSARC/2010/220 svc:/system/auditset service6875456 Solaris Audit configuration in SMF - phase 2 (PSARC/2009/636, PSARC/2009/642)6942035 audit_binfile(5) leaves unfinished audit logs.6942041 auditd(1) says "auditd refreshed" on startup.6943275 audit_remote(5) leaks memory on audit service refresh6955077 adt_get_mask_from_user() should regard _SC_GETPW_R_SIZE_MAX6955117 $SRC/lib/libbsm/common/audit_ftpd.c shouldn't hardcode the lenght of usernames (8)6956169 adt_audit_state() returns non-boolean values--HG--rename : usr/src/cmd/auditconfig/auditconfig_impl.h => usr/src/lib/libbsm/common/audit_policy.hrename : usr/src/cmd/auditconfig/audit_scf.c => usr/src/lib/libbsm/common/audit_scf.crename : usr/src/cmd/auditconfig/audit_scf.h => usr/src/lib/libbsm/common/audit_scf.h
PSARC 2010/235 POSIX 1003.1-2008 *at(2) syscalls6910251 need support for all POSIX.1-2008 *at(2) syscalls6964835 mknod(2) auditing omits the pathname for invalid arguments
6949768 fsattr(5) auditing can incorrectly record some open(2) paths as extended attribute paths6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later6951840 o
6949768 fsattr(5) auditing can incorrectly record some open(2) paths as extended attribute paths6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later6951840 openat(2) doesn't ignore the fd argument when path argument is absolute6952651 pathnames can be excluded from audit records for extended attribute syscalls in some scenarios6958299 getattrat(3C) and setattrat(3C) generate audit records with duplicate pathnames6959020 auditing of getattrat(3C) and setattrat(3C) doesn't handle absolute pathnames correctly
PSARC/2009/590 Socket Filter Framework6939085 Socket Filter Framework6802067 connect_failed kernel socket callback is not triggered6776450 time spent in tcp_close could be reduced/deferred to a wo
PSARC/2009/590 Socket Filter Framework6939085 Socket Filter Framework6802067 connect_failed kernel socket callback is not triggered6776450 time spent in tcp_close could be reduced/deferred to a worker thread6828586 assertion failed: family == 26, file: ../../common/fs/sockfs/socksyscalls.c, line: 16086802078 kernel socket 'newconn' callback is passing rcv queue size as an argument
6625545 auditd Generates Plethora Events due to Missing System Files (AUE_OPEN_R, AUE_OPENAT_R, AUE_EXECVE)6631622 The tad_ctrl (PAD_) stuff is a mess
PSARC 2009/377 In-kernel pfexec implementation.PSARC 2009/378 Basic File PrivilegesPSARC 2010/072 RBAC update: user attrs from profiles4912090 pfzsh(1) should exist4912093 pfbash(1) should exist
PSARC 2009/377 In-kernel pfexec implementation.PSARC 2009/378 Basic File PrivilegesPSARC 2010/072 RBAC update: user attrs from profiles4912090 pfzsh(1) should exist4912093 pfbash(1) should exist4912096 pftcsh(1) should exist6440298 Expand the basic privilege set in order to restrict file access6859862 Move pfexec into the kernel6919171 cred_t sidesteps kmem_debug; we need to be able to detect bad hold/free when they occur6923721 The new SYS_SMB privilege is not backward compatible6937562 autofs doesn't remove its door when the zone shuts down6937727 Zones stuck on deathrow; netstack_zone keeps a credential reference to the zone6940159 Implement PSARC 2010/072
6935410 setting audit context when audit is not enabled should be more tolerant of getaddrinfo failure
6932958 kernel heap corruption detected panic while running zoneadm
1234