| #
7d10cd4d |
| 27-Jun-2022 |
Garrett D'Amore <garrett@damore.org> |
14767 retire kssl
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Approved by: Joshua M. Clulow <josh@sysmg
14767 retire kssl
Reviewed by: Toomas Soome <tsoome@me.com>
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Approved by: Joshua M. Clulow <josh@sysmgr.org>
show more ...
|
| #
0f48f68d |
| 20-Jan-2019 |
Toomas Soome <tsoome@me.com> |
10758 c2audit: NULL pointer errors
Reviewed by: Andy Stormont <astormont@racktopsystems.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Dan McDonald <danmcd@joyent.com>
|
| #
d2a70789 |
| 16-Apr-2014 |
Richard Lowe <richlowe@richlowe.net> |
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid map
7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>
show more ...
|
| #
6a634c9d |
| 19-Aug-2010 |
Richard Lowe <richlowe@richlowe.net> |
merge with onnv_147
Reviewed by: garrett@nexenta.com
Approved by: garrett@nexenta.com
|
| #
224626ec |
| 17-Aug-2010 |
Marek Pospisil <Marek.Pospisil@Sun.COM> |
6925150 audit_closef() may reference unintialized variable 'getattr_ret'
|
| #
5c93ad81 |
| 17-Aug-2010 |
Marek Pospisil <Marek.Pospisil@Sun.COM> |
6925146 audit_cryptoadm() tests if an unsigned value is less than zero
|
| #
c4d3e299 |
| 24-Jun-2010 |
Brent Paulson <Brent.Paulson@Oracle.COM> |
6949768 fsattr(5) auditing can incorrectly record some open(2) paths as extended attribute paths
6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later
6951840 o
6949768 fsattr(5) auditing can incorrectly record some open(2) paths as extended attribute paths
6951837 truss(1) doesn't format the output of openat(2) calls correctly in snv_135 and later
6951840 openat(2) doesn't ignore the fd argument when path argument is absolute
6952651 pathnames can be excluded from audit records for extended attribute syscalls in some scenarios
6958299 getattrat(3C) and setattrat(3C) generate audit records with duplicate pathnames
6959020 auditing of getattrat(3C) and setattrat(3C) doesn't handle absolute pathnames correctly
show more ...
|
| #
4a0fa546 |
| 14-Jun-2010 |
Marek Pospisil <Marek.Pospisil@Sun.COM> |
6625545 auditd Generates Plethora Events due to Missing System Files (AUE_OPEN_R, AUE_OPENAT_R, AUE_EXECVE)
6631622 The tad_ctrl (PAD_) stuff is a mess
|
| #
794f0adb |
| 08-Jul-2010 |
Roger A. Faulkner <Roger.Faulkner@Oracle.COM> |
PSARC 2010/235 POSIX 1003.1-2008 *at(2) syscalls
6910251 need support for all POSIX.1-2008 *at(2) syscalls
6964835 mknod(2) auditing omits the pathname for invalid arguments
|
| #
134a1f4e |
| 28-Apr-2010 |
Casper H.S. Dik <Casper.Dik@Sun.COM> |
PSARC 2009/377 In-kernel pfexec implementation.
PSARC 2009/378 Basic File Privileges
PSARC 2010/072 RBAC update: user attrs from profiles
4912090 pfzsh(1) should exist
4912093 pfbash(1) should exist
PSARC 2009/377 In-kernel pfexec implementation.
PSARC 2009/378 Basic File Privileges
PSARC 2010/072 RBAC update: user attrs from profiles
4912090 pfzsh(1) should exist
4912093 pfbash(1) should exist
4912096 pftcsh(1) should exist
6440298 Expand the basic privilege set in order to restrict file access
6859862 Move pfexec into the kernel
6919171 cred_t sidesteps kmem_debug; we need to be able to detect bad hold/free when they occur
6923721 The new SYS_SMB privilege is not backward compatible
6937562 autofs doesn't remove its door when the zone shuts down
6937727 Zones stuck on deathrow; netstack_zone keeps a credential reference to the zone
6940159 Implement PSARC 2010/072
show more ...
|
| #
005d3feb |
| 05-Mar-2010 |
Marek Pospisil <Marek.Pospisil@Sun.COM> |
PSARC/2009/354 Always on / no reboot Solaris Audit
6192139 Solaris auditing should be able to start collecting audit records without a reboot
|
| #
8fd04b83 |
| 01-Mar-2010 |
Roger A. Faulkner <Roger.Faulkner@Sun.COM> |
PSARC 2009/657 delete obsolete system call traps
6906485 delete obsolete system call traps
--HG--
rename : usr/src/cmd/truss/xstat.c => usr/src/cmd/truss/stat.c
rename : usr/src/lib/libc/port/gen/du
PSARC 2009/657 delete obsolete system call traps
6906485 delete obsolete system call traps
--HG--
rename : usr/src/cmd/truss/xstat.c => usr/src/cmd/truss/stat.c
rename : usr/src/lib/libc/port/gen/dup2.c => usr/src/lib/libc/port/gen/dup.c
rename : usr/src/lib/libc/port/sys/libc_fcntl.c => usr/src/lib/libc/port/sys/fcntl.c
rename : usr/src/lib/libc/port/sys/libc_open.c => usr/src/lib/libc/port/sys/open.c
show more ...
|
| #
67dbe2be |
| 20-Nov-2009 |
Casper H.S. Dik <Casper.Dik@Sun.COM> |
PSARC 2009/542 Increase the maximum value of NGROUPS_MAX to 1024
4088757 Customer would like to increase ngroups_max more than 32
6853435 Many files incorrectly include the private <sys/cred_impl.h>
|
| #
73556491 |
| 07-Oct-2009 |
Anthony Scarpino <Anthony.Scarpino@Sun.COM> |
PSARC/2009/447 Kernel Cryptographic Framework support for FIPS 140-2
6703950 Solaris cryptographic framework needs to implement changes for FIPS-140-2 compliance
|
| #
2ec7cc7f |
| 14-Sep-2009 |
Krishna Yenduri <Bhargava.Yenduri@Sun.COM> |
6228975 Need IPv6 support for KSSL
6627569 need kssl_sid_cached kstat counter
6846333 ksslcfg no longer displays version
6668826 missing curly brackets in kssl_release_ent
6873066 cleanup unused code
6228975 Need IPv6 support for KSSL
6627569 need kssl_sid_cached kstat counter
6846333 ksslcfg no longer displays version
6668826 missing curly brackets in kssl_release_ent
6873066 cleanup unused code in ksslproto.h and ksslapi.h
show more ...
|
| #
51d48ded |
| 20-Aug-2009 |
Marek Pospisil <Marek.Pospisil@Sun.COM> |
6823462 AUE_CRYPTOADM, AUE_CONFIGKSSL, AUE_PF_POLICY* don't properly include au_emod information
|
| #
fc960aa7 |
| 23-Jul-2009 |
Brent Paulson <Brent.Paulson@Sun.COM> |
6795688 fsattr(5) auditing needs to be more careful with certain fad_aupaths
6816071 fsattr(5) auditing shouldn't attempt to record pathnames for invalid fds
|
| #
d0fa49b7 |
| 30-Sep-2008 |
Tony Nguyen <Ton.Nguyen@Sun.COM> |
1207395 au_event_t is a currently a short. It should be redefined to be a u_short
|
| #
875a4abc |
| 15-Sep-2008 |
Paul Wernau <Paul.Wernau@Sun.COM> |
6747227 c2_bsm/kernel audit_pf_policy() may leak zone holds
|
| #
950d6705 |
| 08-Sep-2008 |
Paul Wernau <Paul.Wernau@Sun.COM> |
6743863 *c2audit* panics system when flushing non-existent policy
|
| #
da6c28aa |
| 26-Oct-2007 |
amw <none@none> |
PSARC/2007/218 caller_context_t in all VOPs
PSARC/2007/227 VFS Feature Registration and ACL on Create
PSARC/2007/244 ZFS Case-insensitive support
PSARC/2007/315 Extensible Attribute Interfaces
PSARC/
PSARC/2007/218 caller_context_t in all VOPs
PSARC/2007/227 VFS Feature Registration and ACL on Create
PSARC/2007/244 ZFS Case-insensitive support
PSARC/2007/315 Extensible Attribute Interfaces
PSARC/2007/394 ls(1) new command line options '-/' and '-%': CIFS system attributes support
PSARC/2007/403 Modified Access Checks for CIFS
PSARC/2007/410 Add system attribute support to chmod(1)
PSARC/2007/432 CIFS system attributes support for cp(1), pack(1), unpack(1), compress(1) and uncompress(1)
PSARC/2007/444 Rescind SETTABLE Attribute
PSARC/2007/459 CIFS system attributes support for cpio(1), pax(1), tar(1)
PSARC/2007/546 Update utilities to match CIFS system attributes changes.
PSARC/2007/560 ZFS sharesmb property
4890717 want append-only files
6417428 Case-insensitive file system name lookup to support CIFS
6417435 DOS attributes and additional timestamps to support for CIFS
6417442 File system quarantined and modified attributes to support an integrated Anti-Virus service
6417453 FS boolean property for rejecting/allowing invalid UTF-8 sequences in file names
6473733 RFE: Need support for open-deny modes
6473755 RFE: Need ability to reconcile oplock and delegation conflicts
6494624 sharemgr needs to support CIFS shares better
6546705 All vnode operations need to pass caller_context_t
6546706 Need VOP_SETATTR/VOP_GETATTR to support new, optional attributes
6546893 Solaris system attribute support
6550962 ZFS ACL inheritance needs to be enhanced to support Automatic Inheritance
6553589 RFE: VFS Feature Registration facility
6553770 RFE: ZFS support for ACL-on-CREATE (PSARC 2007/227)
6565581 ls(1) should support file system attributes proposed in PSARC/2007/315
6566784 NTFS streams are not copied along with the files.
6576205 cp(1), pack(1) and compress(1) should support file system attributes proposed in PSARC/2007/315
6578875 RFE: kernel interfaces for nbmand need improvement
6578883 RFE: VOP_SHRLOCK needs additional access types
6578885 chmod(1) should support file system attributes proposed in PSARC/2007/315
6578886 RFE: disallow nbmand state to change on remount
6583349 ACL parser needs to support audit/alarm ACE types
6590347 tar(1) should support filesystem attributes proposed in PSARC/2007/315
6597357 *tar* xv@ doesn't show the hidden directory even though it is restored
6597360 *tar* should re-init xattr info if openat() fails during extraction of and extended attribute
6597368 *tar* cannot restore hard linked extended attributes
6597374 *tar* doesn't display "x " when hard linked attributes are restored
6597375 *tar* extended attribute header off by one
6614861 *cpio* incorrectly archives extended system attributes with -@
6614896 *pax* incorrectly archives extended system attributes with -@
6615225 *tar* incorrectly archives extended system attributes with -@
6617183 CIFS Service - PSARC 2006/715
show more ...
|
| #
799bd290 |
| 24-May-2007 |
pwernau <none@none> |
6528002 enable kernel auditing for PF_POLICY
|
| #
9e9e6ab8 |
| 10-May-2007 |
paulson <none@none> |
6388077 audit_{start,finish} call zone_getspecific() every time which is expensive
|
| #
4e5fbfed |
| 19-Feb-2007 |
tz204579 <none@none> |
6370646 'auditconfig -getcond' no longer requires privilege to run
6414737 auditconfig -setasid, -setaudit, -setauid issues
6483469 audit_symlink_create() shoudn't call VOP_LOOKUP() with NO_FOLLOW
|
| #
405e5d68 |
| 05-Jan-2007 |
tz204579 <none@none> |
4689038 auditon() error return is ambiguous
4823956 file(1) does not recognize Solaris Audit File type
6480592 auditing records incorrect pathnames
|