1029 |
next message from wanted source with MSG_PEEK flags. |
next message from wanted source with MSG_PEEK flags. |
1030 |
|
|
1031 |
Version 1.5.0 2007/09/20 Usability enhancement release. |
Version 1.5.0 2007/09/20 Usability enhancement release. |
1032 |
|
|
1033 |
|
Fix 2007/09/27 |
1034 |
|
|
1035 |
|
@ Avoid eating memory after quota exceeded. |
1036 |
|
|
1037 |
|
Although ACL entries in a domain won't be added if the domain's quota |
1038 |
|
has exceeded, SaveName() in AddFileACL() is called anyway. |
1039 |
|
This caused unneeded memory consumption. |
1040 |
|
|
1041 |
|
Now, quota checking is done before getting domain_acl_lock lock. |
1042 |
|
This may exceed quota by one or two entries, but that won't matter. |
1043 |
|
|
1044 |
|
Fix 2007/10/16 |
1045 |
|
|
1046 |
|
@ Add environment variable check. |
1047 |
|
|
1048 |
|
There are environment variables that may cause dangerous behavior |
1049 |
|
like LD_\* . |
1050 |
|
So I introduced 'allow_env' directive that allows specified |
1051 |
|
environment variable inherited to next domain. |
1052 |
|
Unlike other permissions, this check is done at execve() time |
1053 |
|
using next domain's ACL information. |
1054 |
|
|
1055 |
|
To manage commonly inherited environments like PATH , |
1056 |
|
you can use 'allow_env' directive in exception policy |
1057 |
|
to globally grant specified environment variable. |
1058 |
|
|
1059 |
|
Fix 2007/11/05 |
1060 |
|
|
1061 |
|
@ Replace semaphore with mutex. |
1062 |
|
|
1063 |
|
I replaced semaphore with mutex. |
1064 |
|
|
1065 |
|
@ Add missing down() in AddReservedEntry(). |
1066 |
|
|
1067 |
|
Mutex debugging capability told me that I had forgotten to call down() |
1068 |
|
since TOMOYO version 1.3.2 . |
1069 |
|
This function is not called by learning mode, |
1070 |
|
so the semaphore's counter will not overflow for normal usage. |
1071 |
|
|
1072 |
|
Fix 2005/11/27 |
1073 |
|
|
1074 |
|
@ Fix ReadTable() truncation bug. |
1075 |
|
|
1076 |
|
"snprintf(str, size, format, ...) >= size" means truncated. |
1077 |
|
But I was checking for "snprintf(str, size, format, ...) > size". |
1078 |
|
As a result, some entries might be dumped without '\n'. |
1079 |
|
|
1080 |
|
@ Purge direct "->prev"/"->next" manipulation. |
1081 |
|
|
1082 |
|
All list manipulations use "struct list_head" or "struct list1_head". |
1083 |
|
"struct list1_head" doesn't have "->prev" member to save memory usage. |
1084 |
|
|
1085 |
|
Fix 2007/11/29 |
1086 |
|
|
1087 |
|
@ Add missing semaphore in GetEXE(). |
1088 |
|
|
1089 |
|
mm->mmap_sem was missing. |