Commit Briefs
fix signal handling so it works on linux too
it seems that linux calls the signal handlers even when we're waiting on sigwait for that signal. Work around that.
[seccomp] allow prlimit64
it's needed by getdtablesize, at least on glibc
kill only $pid during regress testing
before we did `pkill gmid', but that would influence also other instances of gmid!
move all sandbox-related code to sandbox.c
while there, add capsicum for the logger process
refactoring: imsg everywhere
use imsg to handle ALL kinds of IPC in gmid. This simplifies and shorten the code, and makes everything more uniform too.
handle SIGHUP gracefully
i.e. don't print scary messages with LOG_CRIT priority!
fix out-of-bounds access
obviously msg[datalen] is an off-by-one
give each server process its own socket for the executor
this fixes a bug introduced with the prefork mechanics: every server process shared the same socket, and this would cause a race condition when multiple server processes asked for a script cgi being executed. This gives each server process its own socket to talk to the executor, so the race cannot happen.