]> git.ipfire.org Git - thirdparty/dhcpcd.git/commit
projects / thirdparty / dhcpcd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 61f4b7c) | patch
privsep: Enable capsicum for network facing processes
authorRoy Marples <roy@marples.name>
Thu, 7 May 2020 19:57:22 +0000 (20:57 +0100)
committerRoy Marples <roy@marples.name>
Thu, 7 May 2020 19:57:22 +0000 (20:57 +0100)
commit08958eaee78ef439774778c4d2b6339ade2ef7bf
tree6658f3e35253c3e454db835643e0bdaaf860a885tree
parent61f4b7c4a95f7fed415302d9b06995fc9b077480commit | diff
privsep: Enable capsicum for network facing processes

All fd's in network facing processes are fully limited.
Capability mode is only enabled for BPF processes because
it's too restrictive otherwise - the reasons are noted
in the commit.
configure diff | blob | blame | history
src/dhcpcd.c diff | blob | blame | history
src/privsep-bpf.c diff | blob | blame | history
src/privsep-inet.c diff | blob | blame | history
src/privsep.c diff | blob | blame | history
src/privsep.h diff | blob | blame | history
Mirror of https://github.com/NetworkConfiguration/dhcpcd.git