Commits
- Commit:
67347fb02188b5cad33b647df942b38226471b9c
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync changelog
- Commit:
d0e0be1e43e6628e6215e1803c7a2415dd58c9bd
- From:
- Tobias Berger <tobi.berger13@gmail.com>
- Via:
- omar-polo <op@omarpolo.com>
- Date:
Allow Arch-Armv7 syscalls in sandbox.c
- Commit:
c6ae2561a0345a7bd98652b66d7237d8bb88db5e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
update the site for the release
- Commit:
b4b432e78ed2c8d7d3d42a722dd8deb5773848de
- From:
- Omar Polo <op@omarpolo.com>
- Date:
sync changelog
- Commit:
f2dbf375a0d3313a64ac69e882291f237f1ba056
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tag 1.8.1 -- "Lightbulb Sun" bugfix release
gmid 1.8.1 "Lightbulb Sun" bugfix release
=========================================
Released Feb 10, 2022.
signify(1) pubkeys for this release:
RWTy3UJQzpxBUAymBwb2EGLLm0b3H/1n8hzhaC9HYFYzNuTavGt9QSwC
Bug fixes
---------
* fix landlock usage on linux: don't assume that access
capabilities not listed are implicitly denied, because they are
not. Mickaël Salaün, the landlock author, found the same error
on game of trees:
> In a nutshell, the ruleset's handled_access_fs is required for
> backward and forward compatibility (i.e. the kernel and user space may
> not know each other's supported restrictions), hence the need to be
> explicit about the denied-by-default access rights.
In practice this affects only linux and only partially: thanks
to the design of the daemon and the seccomp filter the effects
of this mistake in handling landlock are fortunately limited.
However, in theory at least, gmid could be for e.g. tricked into
truncating existing files, so it's highly suggested to update.
Improvements
------------
All by Anna “CyberTailor”, thanks!
* don't skip unit tests when SKIP_RUNTIME_TEST is set
* add `gg' to the regress target dependencies
* fix the "implicit declaration of asprintf" warning
* sync vim syntax
- Commit:
98c6f8de41647ba565dcbdaccf876277b404161e
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix landlock usage
Mickaël Salaün, the landlock author, pointed out the same error on the
got implementation. The assumption that not listed access
capabilities are implicitly denied is completely wrong:
> In a nutshell, the ruleset's handled_access_fs is required for
> backward and forward compatibility (i.e. the kernel and user space may
> not know each other's supported restrictions), hence the need to be
> explicit about the denied-by-default access rights.
- Commit:
be88c5d657e2a2e0a2a9f6d75910e5f08ec5e755
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
sync vim syntax
- Commit:
1f1f381068ac81bb86177e7d55e75f440522643f
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
include gmid.h before other headers to get all the prototypes
> implicit declaration of function 'asprintf'; did you mean 'vsprintf'?
- Commit:
e20755180f19eae16b5781e562978faf05f9579b
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
add gg to `make regress` dependencies
- Commit:
c1a72dab7a5af18534c4346ff78aedeb48158576
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
typo
- Commit:
1ca7a0f3bfa18beaeae28cae9afe64bad617dff4
- From:
- Anna “CyberTailor” <cyber@sysrq.in>
- Via:
- Omar Polo <op@omarpolo.com>
- Date:
don't skip unit tests when SKIP_RUNTIME_TESTS is set
IRI and Punycode tests don't run gmid binary and can be safely executed.
- Commit:
f525aa55b85d7186f701d74b8a62ca7151ab2e9a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
start new release cycle
- Commit:
a14b9f779f14edee7c22e12f1ad8a4ba2d3134df
- From:
- Omar Polo <op@omarpolo.com>
- Date:
prepare 1.8 release
- Commit:
de721c431c55c0fe05798c95f4c6ee3ec9a42148
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add changelog for 1.8
- Commit:
135307cfb08ed0e3b3ecadc2fde0e13643c5265a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
install gg too