man-pages

Commit Graph

Author	SHA1	Message	Date
Michael Kerrisk	4acc2a5ff8	sysinfo.2: srcfix: remove request to add timestamp in source; we have Git nowadays Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-05 12:44:39 +02:00
Michael Kerrisk	7106a19458	ldd.1: Add a little more detail on why ldd is unsafe with untrusted executables Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-05 12:44:39 +02:00
Michael Kerrisk	0fa34fb396	utimensat.2: Note that the glibc wrapper disallows pathname==NULL Reported-by: Rob Landley <rob@landley.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 11:25:51 +02:00
Michael Kerrisk	2389c1e3c1	utimensat.2: Minor fix: reorder some text in NOTES Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 11:20:42 +02:00
Michael Kerrisk	f69c2584a9	getpriority.2: Make discussion of RLIMIT_NICE more prominent The discussion of RLIMIT_NICE was hidden under the EPERM error, where it was difficult to find. Place some relevant text in DESCRIPTION. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 00:45:20 +02:00
Michael Kerrisk	b8bc577b89	getpriority.2: Clarify equivalence between lower nice value and higher priority Reported-by: Robin Kuzmin <kuzmin.robin@gmail.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 00:36:43 +02:00
Michael Kerrisk	653c1fe2e2	getpriority.2: Note that getpriority()/setpriority deal with same attribute as nice(2) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 00:32:32 +02:00
Michael Kerrisk	659cc17f4f	setfsgid.2, setfsuid.2: Note which glibc version stopped checking for truncation of the argument Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 00:15:24 +02:00
Michael Kerrisk	dc439d82cb	setfsgid.2, setfsuid.2: Move glibc wrapper notes to "C library/kernel differences" subsection Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-07-02 00:13:05 +02:00
Jann Horn	de61071a21	setfsgid.2, setfsuid.2: Fix note about errors from the syscall wrapper See sysdeps/unix/sysv/linux/i386/setfsuid.c in glibc-2.2.1. (This code is not present in modern glibc anymore.) Signed-off-by: Jann Horn <jannh@google.com>	2016-07-02 00:09:30 +02:00
Jakub Wilk	658a3012f8	bootparam.7: tfix Signed-off-by: Jakub Wilk <jwilk@jwilk.net>	2016-07-01 20:57:31 +02:00
Jakub Wilk	999d535dde	dir_colors.5: tfix Signed-off-by: Jakub Wilk <jwilk@jwilk.net>	2016-07-01 20:56:47 +02:00
Jakub Wilk	48235a56f3	syscalls.2: tfix Signed-off-by: Jakub Wilk <jwilk@jwilk.net>	2016-07-01 20:56:11 +02:00
Michael Kerrisk	e203673ac7	unshare.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	c212248c77	clone.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	39b3f0058e	clone.2: tfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	b7b798454a	mount.2: Refer reader to mount_namespaces(7) for details on propagation types Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	f481726d64	mount_namespaces.7: Minor fixes Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	e210919644	mount_namespaces.7: Describe "dominant peer group" and "propagate_from" mountinfo tag Reported-by: Miklos Szeredi <mszeredi@redhat.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:32 +02:00
Michael Kerrisk	966b583993	proc.5: Move shared subtree /proc/PID/mountinfo fields to mount_namespaces(7) Move information on shared subtree fields in /proc/PID/mountinfo to mount_namespaces(7). Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	211f4a1468	proc.5: ffix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	803c129a65	proc.5: srcfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	ef5b47f63c	proc.5: Add references to mount_namespaces(7) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	a67271b0c9	umount.2: SEE ALSO: add mount_namespaces(7) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	3077ac0f12	mount.2: SEE ALSO: s/namespaces(7)/mount_namespaces(7)/ Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	da031af127	namespaces.7: Refer to new mount_namespaces(7) for information on mount namespaces Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	d9cdf357c9	mount_namespaces.7: Minor tweaks Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	98c28960c3	mount_namespaces.7: New page describing mount namespaces Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	20eed1b32f	proc.5: /proc/PID/mountinfo 'propagate_from' always appears with 'master' tag Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	124b24148b	proc.5: Rework /proc/PID/mountinfo text on dominant peer groups Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	e7fa660159	proc.5: ffix + wfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:31 +02:00
Michael Kerrisk	fa7ae0ea13	user_namespaces.7: Correct kernel version where XFS added support for user namespaces Linux 3.12, not 3.11. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-30 06:08:18 +02:00
Michael Kerrisk	028b5760e8	ptrace.2: Minor fixes after review by Kees Cook Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	e48ed83a6a	ptrace.2: tfix Reported-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	d5765e275d	ptrace.2: Note that user namespaces can be used to bypass Yama protections Cowrittten-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	801245a110	user_namespaces.7: SEE ALSO: add ptrace(2) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	e532361686	ptrace.2: Update Yama ptrace_scope documentation Reframe the discussion in terms of PTRACE_MODE_ATTACH checks, and make a few other minor tweaks and additions. Reviewed-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	94b0464cc2	ptrace.2: wfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	b0459842ff	ptrace.2: srcfix: add 2015 copyright notice for mtk (Yama ptrace_scope text added in 2015.) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:30 +02:00
Michael Kerrisk	00172d8d96	ptrace.2: Add an introductory paragraph to the Ptrace access mode checks" section Reported-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	1c22e40a71	ptrace.2: tfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	3224581342	ptrace.2: wfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	edb7368474	ptrace.2: Relocate text noting that PTRACE_MODE_* constants are kernel-internal (No content changes.) Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	be26fa864f	ptrace.2: wfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	bcd0d82dac	ptrace.2: srcfix Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Stephen Smalley	3cd161fe57	ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	78f0786577	ptrace.2: Further fixes after review from Jann Horn Reported-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	a330bffa78	ptrace.2: Minor improvements to ptrace access mode text Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	611d3ac40a	ptrace.2: Various fixes after review by Jann Horn Among other things, Jann pointed out that the commoncap LSM is always invoked, and Kees Cook pointed out the relevant kernel code: === > BTW, can you point me at the piece(s) of kernel code that show that > "commoncap" is always invoked in addition to any other LSM that has > been installed? It's not entirely obvious, but the bottom of security/commoncap.c shows: struct security_hook_list capability_hooks[] = { LSM_HOOK_INIT(capable, cap_capable), ... }; void __init capability_add_hooks(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks)); } And security/security.c shows the initialization order of the LSMs: int __init security_init(void) { pr_info("Security Framework initialized\n"); /* * Load minor LSMs, with the capability module always first. / capability_add_hooks(); yama_add_hooks(); loadpin_add_hooks(); / * Load all the remaining security modules. */ do_security_initcalls(); return 0; } === Reported-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00
Michael Kerrisk	0647331a06	kcmp.2, ptrace.2: tfix Reported-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +02:00

1 2 3 4 5 ...

15986 Commits All Branches Search

15986 Commits

All Branches