Diff of /trunk/1.7.x/ccs-patch/README.ccs

TOMOYO

 Subversion リポジトリの参照



/[tomoyo]/trunk/1.7.x/ccs-patch/README.ccs




Diff of /trunk/1.7.x/ccs-patch/README.ccs



 Parent Directory

|  Revision Log



|  Patch














revision 1278 by kumaneko,
Tue Jun 10 00:59:43 2008 UTC




revision 1319 by kumaneko,
Sun Jun 22 03:31:36 2008 UTC






#

Line 1468 
 Fix 2008/06/10


Line 1468 
 Fix 2008/06/10












1468
 
 

















1469
       To allow users specify locale specific files to globally readable files,
       To allow users specify locale specific files to globally readable files,

















1470
       I relaxed checking in update_globally_readable_entry().
       I relaxed checking in update_globally_readable_entry().












1471
 
 







1472
 
     @ Move ALLOW_ENFORCE_GRACE=enabled checking to write_answer().







1473
 
 







1474
 
       To allow users use ccs-notifyd without turning ALLOW_ENFORCE_GRACE on,







1475
 
       I moved it from ccs_check_supervisor() to write_answer().







1476
 
 







1477
 
 Fix 2008/06/11







1478
 
 







1479
 
     @ Remove ALLOW_ENFORCE_GRACE parameter.







1480
 
 







1481
 
       Since unexpected requests caused by doing software updates can happen







1482
 
       in all profiles, users likely have to write ALLOW_ENFORCE_GRACE=enabled







1483
 
       to all profiles. And it makes meaningless to allow users to selectively







1484
 
       enable specific profile's ALLOW_ENFORCE_GRACE parameter.







1485
 
       So, I removed ALLOW_ENFORCE_GRACE parameter.







1486
 
       Now, the system behaves as if ALLOW_ENFORCE_GRACE=enabled is specified.







1487
 
       The behavior of "delayed enforcing" mode is defined in the following







1488
 
       order.







1489
 
 







1490
 
       (1) The requests are rejected immediately if nobody is opening







1491
 
           /proc/ccs/query interface.







1492
 
       (2) The requests will be rejected in 10 seconds if somebody other than







1493
 
           ccs-queryd (such as less(1)) is opening /proc/ccs/query interface,







1494
 
           for such process doesn't write dummy decisions.







1495
 
 







1496
 
 Fix 2008/06/22







1497
 
 







1498
 
     @ Pass escaped pathname to audit_execute_handler_log().







1499
 
 







1500
 
       I was passing unescaped pathname to audit_execute_handler_log()







1501
 
       which causes /proc/ccs/grant_log contain whitespace characters







1502
 
       if execute handler's pathname contains whitespace characters.







1503
 
 







1504
 
 Version 1.6.2 2008/??/??   Usability enhancement release.
























Legend:



Removed from v.1278
 


changed lines


 
Added in v.1319













Back to OSDN">Back to OSDN
ViewVC Help


Powered by ViewVC 1.1.26
 /[tomoyo]/trunk/1.7.x/ccs-patch/README.ccs
-revision 1278 by kumaneko,
Tue Jun 10 00:59:43 2008 UTC
+revision 1319 by kumaneko,
Sun Jun 22 03:31:36 2008 UTC
 Line 1468 
 Fix 2008/06/10
        To allow users specify locale specific files to globally readable files,
        I relaxed checking in update_globally_readable_entry().
+     @ Move ALLOW_ENFORCE_GRACE=enabled checking to write_answer().
+       To allow users use ccs-notifyd without turning ALLOW_ENFORCE_GRACE on,
+       I moved it from ccs_check_supervisor() to write_answer().
+ Fix 2008/06/11
+     @ Remove ALLOW_ENFORCE_GRACE parameter.
+       Since unexpected requests caused by doing software updates can happen
+       in all profiles, users likely have to write ALLOW_ENFORCE_GRACE=enabled
+       to all profiles. And it makes meaningless to allow users to selectively
+       enable specific profile's ALLOW_ENFORCE_GRACE parameter.
+       So, I removed ALLOW_ENFORCE_GRACE parameter.
+       Now, the system behaves as if ALLOW_ENFORCE_GRACE=enabled is specified.
+       The behavior of "delayed enforcing" mode is defined in the following
+       order.
+       (1) The requests are rejected immediately if nobody is opening
+           /proc/ccs/query interface.
+       (2) The requests will be rejected in 10 seconds if somebody other than
+           ccs-queryd (such as less(1)) is opening /proc/ccs/query interface,
+           for such process doesn't write dummy decisions.
+ Fix 2008/06/22
+     @ Pass escaped pathname to audit_execute_handler_log().
+       I was passing unescaped pathname to audit_execute_handler_log()
+       which causes /proc/ccs/grant_log contain whitespace characters
+       if execute handler's pathname contains whitespace characters.
+ Version 1.6.2 2008/??/??   Usability enhancement release.
 Legend:



Removed from v.1278
 


changed lines


 
Added in v.1319
 Legend:



Removed from v.1278
 


changed lines


 
Added in v.1319
-Removed from v.1278
+Added in v.1319
-Back to OSDN">Back to OSDN
+ViewVC Help
 Powered by ViewVC 1.1.26

オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照