Re: [capsicum] fstatat() in capabilities mode
Yes, fstatat() is only enabled in Perforce, not the (stabler) capabilities8, but nothing uses it outside of the capsicum-core tree. The fact that fstatat() didn't return -1 is interesting, though.
On 29 May 2010, at 17:34 h, Mark Seaborn wrote:
> I've got the kernel from the capabilities8 SVN branch built and
> running. I tried running the tests in capsicum-core/tests/___at.
> They produced a bunch of errors about fstatat() when used in
> capabilities mode (although it doesn't return a non-zero exit code,
> BTW). It looks like the problem is that fstatat isn't listed in
> sys/kern/capabilities.conf. The patch below fixed the errors. I'm
> guessing that the FreeBSD 8 backport branch might be out-of-date in
> this respect?
> diff --git a/sys/kern/capabilities.conf b/sys/kern/capabilities.conf
> index 06f8f8b..7c7733b 100644
> --- a/sys/kern/capabilities.conf
> +++ b/sys/kern/capabilities.conf
> @@ -465,6 +465,7 @@ mkfifoat
> ## Allow entry into open(2). This system call will fail, since access
> to the global
Research Student, Security Group
University of Cambridge
+44 (01223) 763747
jonathan.anderson at cl.cam.ac.uk
This archive was generated by a fusion of
Pipermail (Mailman edition) and