History log of /illumos-gate/usr/src/uts/common/os/policy.c (Results 1 – 25 of 51)
Revision Date Author Comments
# ad8f9d95 28-Feb-2022 Joshua M. Clulow

14537 UFS should not allow directories to be unlinked
Reviewed by: Juraj Lutter <juraj@lutter.sk>
Reviewed by: Rich Lowe <richlowe@richlowe.net>
Reviewed by: Robert Mustacchi <rm@fingolfi

14537 UFS should not allow directories to be unlinked
Reviewed by: Juraj Lutter <juraj@lutter.sk>
Reviewed by: Rich Lowe <richlowe@richlowe.net>
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>

show more ...


# 047043c2 09-Apr-2020 Robert Mustacchi

13144 refactor amdf17nbdf into a nexus
13145 rewrite amdf17nbdf to use the ksensor framework
13146 Want a driver for AMD SMN user access
Reviewed by: Patrick Mooney <pmooney@pfmooney.com>

13144 refactor amdf17nbdf into a nexus
13145 rewrite amdf17nbdf to use the ksensor framework
13146 Want a driver for AMD SMN user access
Reviewed by: Patrick Mooney <pmooney@pfmooney.com>
Reviewed by: Mike Zeller <mike.zeller@joyent.com>
Reviewed by: Robert French <robert@robertdfrench.me>
Approved by: Richard Lowe <richlowe@richlowe.net>

show more ...


# 7e12ceb3 18-Jan-2019 Toomas Soome

10376 uts: NULL pointer issues in genunix
Reviewed by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: Andy Stormont <astormont@racktopsystems.com>
Reviewed by: John Levon <john.levon@joye

10376 uts: NULL pointer issues in genunix
Reviewed by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: Andy Stormont <astormont@racktopsystems.com>
Reviewed by: John Levon <john.levon@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>

show more ...


# 993e3faf 01-Mar-2017 Robert Mustacchi

1979 USB 3.0 support
7918 want usb_pipe_xopen(9F)
7919 usbai burst macros for endpoint descriptor are wrong
7920 usba_hcdi_register() should fail if driver is using private data
7921

1979 USB 3.0 support
7918 want usb_pipe_xopen(9F)
7919 usbai burst macros for endpoint descriptor are wrong
7920 usba_hcdi_register() should fail if driver is using private data
7921 failing to load the usba root hub module destroys driver parent private data
7922 want ::hubd walker
7923 ::prtusb should include version
7924 usb_*_request(9S) manual pages should match structure names
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Bryan Cantrill <bryan@joyent.com>
Reviewed by: Dale Ghent <daleg@omniti.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Richard Lowe <richlowe@richlowe.net>

show more ...


# 48bbca81 17-Feb-2017 Daniel Hoffman

7812 Remove gender specific language
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Reviewed by: Steve Gonczi <steve.gonczi@delphix.

7812 Remove gender specific language
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Prakash Surya <prakash.surya@delphix.com>
Reviewed by: Steve Gonczi <steve.gonczi@delphix.com>
Reviewed by: Chris Williamson <chris.williamson@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Richard Lowe <richlowe@richlowe.net>

show more ...


# d2a70789 16-Apr-2014 Richard Lowe

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means t

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (ASLR)
7031 noexec_user_stack should be a security-flag
7032 want a means to forbid mappings around NULL
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Reviewed by: Patrick Mooney <pmooney@joyent.com>
Approved by: Dan McDonald <danmcd@omniti.com>

show more ...


# 37294019 30-Oct-2015 Jerry Jelinek

6417 Want a privilege for accessing information about physical memory
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Gordon Ross <gordon.ross@nexenta.com>


# 24d819e6 28-Jul-2013 Jerry Jelinek

3923 Users should be able to lower nice value of processes within a zone
3924 privileges.5 man page missing PRIV_SYS_RES_BIND
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Go

3923 Users should be able to lower nice value of processes within a zone
3924 privileges.5 man page missing PRIV_SYS_RES_BIND
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Gordon Ross <gwr@nexenta.com>

show more ...


# 6a634c9d 19-Aug-2010 Richard Lowe

merge with onnv_147
Reviewed by: garrett@nexenta.com
Approved by: garrett@nexenta.com


# fd9ee8b5 11-Aug-2010 joyce mcintosh

6972305 Preferred DC not selected after setting pdc via sharectl
6971047 smbd hang during FVT regression test
6711195 Sparc:Get error "Windows Explorer has stopped working" once click on Deta

6972305 Preferred DC not selected after setting pdc via sharectl
6971047 smbd hang during FVT regression test
6711195 Sparc:Get error "Windows Explorer has stopped working" once click on Details fr Properties on Vista
PSARC/2009/464 Offline attribute
6972515 Offline attribute - PSARC 2009/464
PSARC/2010/037 Windows Sparse Attribute
6972519 Windows Sparse Attribute - PSARC 2010/037
6719444 [CLI] - idmap help's output is not consistent with man pages's
6975449 idmap test suite needs idmap_cache_get_data() from libidmap
6974351 OpenSSL still taking smbd down

--HG--
rename : usr/src/lib/libidmap/common/idmap_priv.h => usr/src/cmd/idmap/idmap/namemaps.h

show more ...


# 0fbb751d 16-Jun-2010 John Levon

PSARC 2010/144 lofi(7D) in non global zones
6354954 lofi support in non-global zones
6942891 prof_lookup_globaldev() leaks rootdir refs
6945005 lofiadm -a /dev/lofi/1: recursive mutex ent

PSARC 2010/144 lofi(7D) in non global zones
6354954 lofi support in non-global zones
6942891 prof_lookup_globaldev() leaks rootdir refs
6945005 lofiadm -a /dev/lofi/1: recursive mutex enter
6946486 lofi_ioctl() shouldn't allow disk ioctl()s on /dev/lofictl

show more ...


# bbf58fc5 25-May-2010

PSARC/2010/181 PRIV_SYS_RES_BIND privilege
6953849 need ability to bind to processor sets from within a zone


# 060fafac 24-May-2010 Casper H.S. Dik

6954837 PRIV_FILE_CHOWN missing from 6859862 breaks ABE


# 134a1f4e 28-Apr-2010 Casper H.S. Dik

PSARC 2009/377 In-kernel pfexec implementation.
PSARC 2009/378 Basic File Privileges
PSARC 2010/072 RBAC update: user attrs from profiles
4912090 pfzsh(1) should exist
4912093 pfbash(

PSARC 2009/377 In-kernel pfexec implementation.
PSARC 2009/378 Basic File Privileges
PSARC 2010/072 RBAC update: user attrs from profiles
4912090 pfzsh(1) should exist
4912093 pfbash(1) should exist
4912096 pftcsh(1) should exist
6440298 Expand the basic privilege set in order to restrict file access
6859862 Move pfexec into the kernel
6919171 cred_t sidesteps kmem_debug; we need to be able to detect bad hold/free when they occur
6923721 The new SYS_SMB privilege is not backward compatible
6937562 autofs doesn't remove its door when the zone shuts down
6937727 Zones stuck on deathrow; netstack_zone keeps a credential reference to the zone
6940159 Implement PSARC 2010/072

show more ...


# 005d3feb 05-Mar-2010 Marek Pospisil

PSARC/2009/354 Always on / no reboot Solaris Audit
6192139 Solaris auditing should be able to start collecting audit records without a reboot


# d93c0b4c 21-Jan-2010 Casper H.S. Dik

6918265 priv_debug is too noisy to allow enabling it by default even in DEBUG builds


# 634e26ec 18-Jan-2010 Casper H.S. Dik

PSARC 2009/686 Improving the use and debugging of the basic privilege set.
PSARC/2009/685 Basic Network Privilege
6434380 Expanding the basic privilege set in order to restrict network access

PSARC 2009/686 Improving the use and debugging of the basic privilege set.
PSARC/2009/685 Basic Network Privilege
6434380 Expanding the basic privilege set in order to restrict network access and IPC
6912229 Multiple applications mishandle privilege operations, particular they ignore the basic set
6915243 dladm mishandles basic privileges
6915244 in.tftpd mishandles privileges operations
6915250 NDMP mishandles basic privileges
6915257 smbd mishandles basic privileges
6915277 login audit mishandles basic privileges
6915284 su audit mishandles basic privileges
6915778 lpd-port mishandles basic privileges
6915782 zlogin mishandles basic privileges

show more ...


# 5d3b8cb7 02-Nov-2009 Bill Sommerfeld

PSARC/2008/252 Labeled IPsec phase 1
6886771 Labeled IPsec phase 1
6808727 Alignment error panic in tsol_can_accept_raw()
6894979 nightly -0 + -p builds then destroys SUNW0on


# 0a0e9771 24-Sep-2009 Darren Reed

PSARC/2009/232 Solaris Packet Capture
PSARC/2009/403 kstats for ipnet
6824047 every downcall function should have a "notsupported" function
6822740 RFE: provide PF_PACKET for developers o

PSARC/2009/232 Solaris Packet Capture
PSARC/2009/403 kstats for ipnet
6824047 every downcall function should have a "notsupported" function
6822740 RFE: provide PF_PACKET for developers on OpenSolaris
6822741 RFE: Solaris needs BPF to improve the packet capture story
6867683 RFE: need to be able to retrieve physical interface flags

show more ...


# 2b24ab6b 23-Sep-2009 Sebastien Roy

PSARC 2009/373 Clearview IP Tunneling
PSARC 2009/410 Datalink Administration from Non-Global Zones
6858533 Clearview IP Tunneling
4861777 *snoop* cannot snoop on tunnel interfaces
501

PSARC 2009/373 Clearview IP Tunneling
PSARC 2009/410 Datalink Administration from Non-Global Zones
6858533 Clearview IP Tunneling
4861777 *snoop* cannot snoop on tunnel interfaces
5010680 M_IOCTL interface between ip and tun is horribly wrong
5029727 tun prints bogus debug messages when receiving multicast packets on 6to4 tunnels
6835873 dlpi_walk() silently fails in an exclusive zone
4152864 must not allow two tunnels to have the same tsrc/tdst pair
6855902 link and flow kstats are too promiscuous
6218826 need to be able to tunnel into a zone
4505468 network interface names can confuse, lie, and deceive
4524756 tun_wproc() takes up too much stack
6417373 tun_wproc_mdata assertion failures
4627970 scalability problems with IP in IP tunnels
4674797 ifparse_ifspec() will not correctly parse ipv6 tunnels
6509231 dladm should show links in exclusive stack zone
4793233 tun driver should include addr in DL_PHYS_ADDR_ACK for non-zero lengths
6795831 ZONE_*_DATALINK syscalls should take datalink_id_t as argument
6791472 mac module doesn't allow MAC addresses < 6 bytes
6618091 Race condition trips ASSERT() in tun.c's SIOCSLIFNAME path
6837580 bogus mi_active check in mac_set_mtu()
6868083 libinetutil: ofmt_open()'s template argument should be const
6870313 libdladm: needless dladm_init_linkprop() in i_dladm_aggr_up()
6872221 panic in dls_devnet_close() if "mtu" property is being set
4289774 Change to the interface-id does not change IPv6 link-local address
6873561 unable to create links with 31 character link names
6874666 changing a link property can accidentally destroy it
6874682 removing a link attribute corrupts the attribute list
6875167 IPCL_ISV6 conn flag is set but never used
6881764 itp reference leak in ipsec_construct_inverse_acquire()
6881951 dladm delete-vlan can no longer delete persistent-only VLANs

--HG--
rename : usr/src/uts/common/inet/tun.h => usr/src/uts/common/inet/iptun.h
rename : usr/src/uts/common/inet/ip/tun.c => usr/src/uts/common/inet/iptun/iptun.c
rename : usr/src/uts/intel/tun/Makefile => usr/src/uts/intel/iptun/Makefile
rename : usr/src/uts/sparc/tun/Makefile => usr/src/uts/sparc/iptun/Makefile

show more ...


# 1c7cef2b 22-Jul-2009 Stan Studzinski

6636344 when low on swap, anon_resvmem() overly throttles root-owned processes


# e02bc683 15-Jun-2009 Mark Shellenbaum

6848431 zfs with rstchown=0 or file_chown_self privilege allows user to "take" ownership


# f53eecf5 29-May-2009 James Carlson

PSARC 2009/317 Solaris PPP/PPPoE Updates
4695172 3COM has its own incompatible dialect of PPPoE
4704518 security checks on chap peer name cause interoperability problems
4711045 pppd shou

PSARC 2009/317 Solaris PPP/PPPoE Updates
4695172 3COM has its own incompatible dialect of PPPoE
4704518 security checks on chap peer name cause interoperability problems
4711045 pppd should not be discarding debug information on fatal signals
4711046 pppoec should provide a way to limit match against wildcard service
4714306 sppptun should not use M_ERROR to signal protocol problems
4743677 pppd can trigger latent access server bug
4750809 pppd needs lint cleanup
4947676 spppcomp_wput() allows an unprivileged process to "hang" the system.
5058886 PPPD misses first LCP configuration request
5060749 need a way to log demand-dial action at higher priority
5093264 PPPoE server can omit Service-Name tag in PADS response
6291911 ugly preremove script in SUNWpppdt causes messages on pkgrm from zone
6589814 pppd disavows bad echo-reply count
6636684 PPP should work in non-global exclusive-stack zones
6637245 sppp driver has half-baked _mi_driver_info function
6704096 SUNWpppdu and SUNWpppdr package dependency and content issues
6753945 sppptun doesn't honor clearview vanity naming feature.

show more ...


# da14cebe 05-Dec-2008 Eric Cheng

PSARC/2006/357 Crossbow - Network Virtualization and Resource Management
6498311 Crossbow - Network Virtualization and Resource Management
6402493 DLPI provider loopback behavior should be im

PSARC/2006/357 Crossbow - Network Virtualization and Resource Management
6498311 Crossbow - Network Virtualization and Resource Management
6402493 DLPI provider loopback behavior should be improved
6453165 move mac capabs definitions outside mac.h
6338667 Need ability to use NAT for non-global zones
6692884 several threads hung due to deadlock scenario between aggr and mac
6768302 dls: soft_ring_bind/unbind race can panic in thread_affinity_set with cpu_id == -1
6635849 race between lacp_xmit_sm() and aggr_m_stop() ends in panic
6742712 potential message double free in the aggr driver
6754299 a potential race between aggr_m_tx() and aggr_port_delete()
6485324 mi_data_lock recursively held when enabling promiscuous mode on an aggregation
6442559 Forwarding perf bottleneck due to mac_rx() calls
6505462 assertion failure after removing a port from a snooped aggregation
6716664 need to add src/dst IP address to soft ring fanout

--HG--
rename : usr/src/uts/common/io/dls/dls_soft_ring.c => usr/src/uts/common/io/mac/mac_soft_ring.c
rename : usr/src/uts/common/inet/ip/ip_cksum.c => usr/src/uts/common/os/ip_cksum.c
rename : usr/src/uts/common/inet/sctp_crc32.c => usr/src/uts/common/os/sctp_crc32.c
rename : usr/src/uts/common/sys/dls_soft_ring.h => usr/src/uts/common/sys/mac_soft_ring.h

show more ...


# 47def0dc 17-Sep-2008 Mark Shellenbaum

6744510 Should not allow to rename a file/folder when a user does not have permission


123