summaryrefslogtreecommitdiff
path: root/sandbox.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2025-01-23Sandbox fixesGravatar shtrophic1-1/+8
- allow reading `/dev/urandom` as it is shown as a failed syscall when tracing - resolve `/etc/ssl/cert.pem` in case it is a symlink
2025-01-06Don't fail Linux sandboxing if /usr/sbin/sendmail does not exist.Gravatar default1-1/+1
2025-01-06Minor rework to sandbox code.Gravatar default1-61/+59
2025-01-06Fixed sandboxing of the unix socket.Gravatar default1-2/+8
2025-01-05Disable sandboxing by default for now.Gravatar default1-5/+10
2025-01-05Fixed crash in sandbox code under OpenBSD.Gravatar default1-1/+0
2025-01-05More sandbox compilation tweaks under Alpine Linux.Gravatar default1-0/+2
2025-01-05Added some autodetection for Linux landlocking on older systems.Gravatar default1-4/+15
2025-01-05New compilation variable WITHOUT_SANDBOX, to disable all sandboxing.Gravatar default1-0/+12
2025-01-05Minor sandbox fix for Debian stable.Gravatar default1-2/+4
2024-12-30use correct macros for compatibilityGravatar shtrophic1-9/+9
2024-12-26use compat macros to compile on kernels without LANDLOCK_ACCESS_NET_*Gravatar shtrophic1-3/+3
2024-12-08don't try to make files directory-readableGravatar shtrophic1-22/+22
2024-12-08make log output specific to landlock statusGravatar shtrophic1-3/+4
2024-12-08cleanup rulesGravatar shtrophic1-23/+29
2024-12-05import landloc.hGravatar shtrophic1-129/+44
2024-11-19make sendmail executable if configuredGravatar shtrophic1-1/+4
2024-11-19only rwc /dev/shm when WITHOUT_SHM is undefinedGravatar shtrophic1-0/+2
2024-11-16remove unused headersGravatar shtrophic1-2/+1
2024-11-16add distinction between RWC with directories and without, include FS_REFER ↵Gravatar shtrophic1-11/+14
permission
2024-11-16sandboxing port to linux via landlockGravatar shtrophic1-0/+184
HIC SVNT DRACONES