commit - 137def5ff4c0f9720391ca88191cf9fee6d8ae9a
commit + 8bb8cf2ad488151879b1d7e5ec7436d38553b1b5
blob - d5f40358bb8edc70f0dfb81e48f37fbbc18a8a99
blob + 707ef3de2d05bbc21e99ccbf40509b8f887bc5e3
--- configure
+++ configure
STATIC=
YACC=yacc
+DISABLE_SANDBOX=0
+
NEED_GNU_SOURCE=0
NEED_OPENBSD_SOURCE=0
# allow certain variables to be overridden on the command line
for keyvals in "$@"; do
+ if [ "$keyvals" = "--disable-sandbox" ]; then
+ DISABLE_SANDBOX=1
+ continue
+ fi
+
key=`echo $keyvals | cut -s -d '=' -f1`
if [ -z "$key" ]; then
echo "$0: invalid key-value: $keyvals" 1>&2
cat <<__HEREDOC__
+#define DISABLE_SANDBOX ${DISABLE_SANDBOX}
+
#define HAVE_ERR ${HAVE_ERR}
#define HAVE_EXPLICIT_BZERO ${HAVE_EXPLICIT_BZERO}
#define HAVE_FREEZERO ${HAVE_FREEZERO}
blob - 3f99f08cde9217fdc7bb28176b7e92fb69c0a5ac
blob + 8b1244b1fb08dad1a400cb26c32efacd262bbe1e
--- sandbox.c
+++ sandbox.c
#include "gmid.h"
-#if defined(__FreeBSD__)
+#if DISABLE_SANDBOX
+#warning "Sandbox disabled! Please report issues upstream instead of disabling the sandbox."
+
+void
+sandbox_server_process(void)
+{
+ return;
+}
+
+void
+sandbox_executor_process(void)
+{
+ log_notice(NULL, "Sandbox disabled! "
+ "Please report issues upstream instead of disabling the sandbox.");
+}
+
+void
+sandbox_logger_process(void)
+{
+ return;
+}
+
+#elif defined(__FreeBSD__)
+
#include <sys/capsicum.h>
void