279 Commits (master)

Author SHA1 Message Date
  Shawn Webb 3ed56140ff
Chase KPI change in 13-CURRENT from FreeBSD 4 months ago
  Shawn Webb d4df7084b4
Properly handle HardenedBSD 13-CURRENT 1 year ago
  Oliver Pinter ad99eb1fc4 HBSD: bump secadm version 2 years ago
  Oliver Pinter 5a166f4460 HBSD: follow the hbsdcontrol related backports here too 2 years ago
  Oliver Pinter 252ca3fda8 HBSD: bump secadm version 2 years ago
  Oliver Pinter 947e73dd5e HBSD: as preparation to TOCTOU fix and to hbsdcontrol extend secadm's rules 2 years ago
  Oliver Pinter da70f4cb33 HBSD: same as the previous commit, but for 10 and 11 2 years ago
  Oliver Pinter 4a4f31fd17 HBSD: follow the 38b03bc4f2 change in HardenedBSD.git repo 2 years ago
  Shawn Webb 6d861432dc
Ensure the sanitized path is at least two characters long 2 years ago
  Oliver Pinter 57d21cab92 HBSD: small refactor in kmod/secadm_vnode.c 2 years ago
  Shawn Webb 16df312116
Add a header required for drm-next-4.7. 3 years ago
  Shawn Webb 923ad09a11
Only look for the kernel module if not jailed. 3 years ago
  Shawn Webb 2a03aba18e
Do not lock the parent directory. 3 years ago
  Shawn Webb 7be20c02f4
Document "ALL THE TPE THINGS!" 3 years ago
  Shawn Webb c7ca3e2a3b
Bump version number 3 years ago
  Shawn Webb bd33b6aeb0
Read TPE data from the rules file. 3 years ago
  Shawn Webb 3dd7584b70
Introduce basic Trusted Path Execution (TPE) support 3 years ago
  Shawn Webb a800229daa
Add silly script to generate rules for all running applications. 3 years ago
  Shawn Webb e40e367104
Log when execution is denied due to whitelist mode. 4 years ago
  Shawn Webb ac5abfe7da
Remove extraneous trailing slash. 4 years ago
  Shawn Webb 041f095152
Use boolean strings with xo_emit for json and xml output. 4 years ago
  Shawn Webb 162c5d1652
Merge remote-tracking branch 'xmj/master' 4 years ago
  Johannes Meixner 790cbbf92f CRF: Use bsd.port.mk style. 4 years ago
  Johannes Meixner 4987d9a44d Invert logic 4 years ago
  Olivér Pintér 924088333c Merge pull request #25 from CTurt/patch-1 4 years ago
  Johannes Meixner 3f06a03ab3 Separate build by use-case. 4 years ago
  Shawn Webb 9291b24e4b
Allow conditional deletion and modification of files. 4 years ago
  Shawn Webb 800f2f3d0e
Bump version number for the 0.3 release 4 years ago
  Shawn Webb d77d2ddde5
Add reference to integriforce utility script. 4 years ago
  Shawn Webb 8c1494a502
Add secadm.rules(5) manpage. 4 years ago
  Shawn Webb 6d2f4f6838
Reference the right manpage. 4 years ago
  Shawn Webb 23187ebd93
Fix manpage entries in the various Makefile files 4 years ago
  Shawn Webb 4e62d611fb
Add EXAMPLES section 4 years ago
  Shawn Webb 17c93b08a3
Document the add command more. 4 years ago
  Shawn Webb ab32d05207
Add rough draft of secadm(8) manpage. 4 years ago
  Shawn Webb 8b2a62ea12
Bump secadm version due to new whitelist feature. 4 years ago
  Shawn Webb 3df2556b55
Get the status of the whitelist mode. 4 years ago
  Shawn Webb 2e23f84361
Only set whitelist mode from config if not in validation mode. 4 years ago
  Shawn Webb e13e7f3f78
Dedup the Integriforce rules. 4 years ago
  Shawn Webb 7a5149afbe
Use the real path of resolved dependencies 4 years ago
  Shawn Webb f90ada4e3d
Update Integriforce script to match new syntax. 4 years ago
  Shawn Webb fe50aeb48d
Switch to using sx(9) locks. 4 years ago
  Shawn Webb d604fb2e39
Basic whitelist mode support. 4 years ago
  Shawn Webb 5e05df01d4
Ensure more UCL-fetched variables are sane 4 years ago
  Shawn Webb ad69baa051
Ensure key variable is valid 4 years ago
  Shawn Webb f102e0c8bd
Initialize ruleset to NULL 4 years ago
  CTurt e836ce1a8f Correct example path 4 years ago
  Shawn Webb efa27d093c
Bump the shared object major version number due to the rewrite. 4 years ago
  Shawn Webb aa75f010eb
Update the example rule file. Remove all others. 4 years ago
  Shawn Webb 3e3fe8cb6d
FreeBSD moved around the crypto headers. Fix Integriforce to match. 4 years ago