Trusted Path Acl Patches for OpenBSD 3.0

These were originally written by route|daemon9 and Mike D. Schiffman
with assistance from nirva for OpenBSD 2.4, and published in Phrack
54 (p54-06) "Hardening OpenBSD for Multiuser Environments", it would 
be a good idea to go read the article, www.phrack.org. The patches   
also feature restrictions on symlinks in +t directories, ala the  
Openwall patches for linux by Solar Designer, www.openwall.com.

The privacy have been simplified, a more thorough replacement is available
at http://openbsd.unixpunk.de/misc/openbsd-3.0-privacy.tar.gz

The only privacy thing Stephanie will do is prevent untrusted users
from seeing processes they don't own. If you do apply the patches from
the location above, you *do not* need to apply the sysctl.diff

Heaps of people have helped out with patches/bugfixes and comments:

brian <brian@bsd.org.il> - heaps of tpe_adm fixes
executer <executer@mindless.com> - top bug fix patch
andrew <andrew@boom.detonate.org> - top bug again
Tim Robbins <tim@robbins.dropbear.id.au> - general helping-ness
Grant Bayley <gbayley@wiretapped.net> - general helping-ness
dingo <dingo@microbsd.net> - gave me access to a 3.0 machine
SimonB <spb@kaizo.org> - nice makefile for installing
Chris Kuethe <chris.kuethe@ualberta.ca> - sysctl bug fix
and also technion, dme, caddis, sh00ter and ph1ll1p for some interesting 
conversations.

Anyway, read the INSTALL file, it should have everything you need to
get things going. Please send any bugs or feedback to 
doe@fuxya.org. Mail to the original authors will most probably be 
ignored, all bugs are mine, so don't waste your time.

All source code is Copyright (c) 1998 route|daemon9 and Mike D. 
Schiffman unless otherwise noted. All source code and diffs/patches  
are distributed under a two clause BSD style licence which can be 
seen below.   

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

Enjoy!
- doe@fuxya.org, April 2001
