Albert S. crtxcr
0 Seguidores · 0 Siguiendo
Repositorios
23
 Proyectos Paquetes Actividad pública Repositorios Favoritos
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 17:03:41 +01:00
6420ca1b40 Add landlock runtime detection
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 14:26:46 +01:00
98c76089de Handle new 5.16 syscall: futex_waitv
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 14:18:14 +01:00
631980b775 Include linux/capability.h instead of sys/capability.h
0be081c55d Merge get_pledge_argfilter() with get_pledge_argfilter()
Comparar 2 commits »
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 12:36:31 +01:00
ca0f82790c Use some macros to increase readabiltiy of BPF rules
77adf09d34 test: Add tests for exile_pledge()
bcab0377f1 Add exile_pledge(): A convenience wrapper
b469a82eec pledge: Allow NO_NEW_PRIVS prctls
6711b394d9 pledge: Add EXILE_SYSCALL_PLEDGE_SECCOMP_INSTALL to allow adding further seccomp filters
Comparar 14 commits »
crtxcr hizo push a master en crtxcr/exile.h 2021-12-27 12:36:13 +01:00
48deab0dde exile_enable_policy(): Only chdir() post chroot()
ce7eb57998 enter_namespaces(): Fix error message
3407fded04 Add EXILE_FS_ALLOW_ALL_{READ,WRITE}
Comparar 3 commits »
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 12:32:34 +01:00
3e4ae74203 Use some macros to increase readabiltiy of BPF rules
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 12:00:40 +01:00
a7a9c6962a test: Add tests for exile_pledge()
db9f4efda8 Add exile_pledge(): A convenience wrapper
b6790e773e pledge: Allow NO_NEW_PRIVS prctls
f55b7c2f8a pledge: Add EXILE_SYSCALL_PLEDGE_SECCOMP_INSTALL to allow adding further seccomp filters
4588b46cfc Introduce exile_create_policy(): Creates an clean/empty policy.
Comparar 9 commits »
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-27 00:44:43 +01:00
72ee3b3d74 pledge: Add EXILE_SYSCALL_PLEDGE_IOCTL to allow ioctl() without argfilters
17e55f1923 pledge: add prctl() default filter
79fa3f9769 pledge: Introduce clone() filter and EXILE_SYSCALL_PLEDGE_THREAD
6366a6103e pledge: Begin filter for setsockopt() args
8c6ce913cb Begin an pledge()-like implementation
Comparar 7 commits »
crtxcr hizo push a WIP/sandboxing en crtxcr/looqs 2021-12-26 19:44:44 +01:00
79c2731216 gui: Add pledge_promises to exile policy
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-26 19:40:58 +01:00
beeae95fe1 pledge: Add EXILE_SYSCALL_PLEDGE_IOCTL() to not filter ioctl()
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-26 19:34:19 +01:00
27d560c6af pledge: add prctl() default filter
crtxcr hizo push a WIP/sandboxing en crtxcr/looqs 2021-12-26 18:36:03 +01:00
6a41877a0c IpcServer: Fix off-by-one
b10093f907 Switch to exile.h
86b843e434 shared: looksquery: Fix incorrect varname in exception
Comparar 3 commits »
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-26 18:16:06 +01:00
d742397b52 Introduce clone filter and EXILE_SYSCALL_PLEDGE_THREAD
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-26 17:58:07 +01:00
45f5f16bb8 Introduce clone filter and EXILE_SYSCALL_PLEDGE_THREAD
crtxcr creó rama next en crtxcr/exile.h 2021-12-24 16:25:04 +01:00
crtxcr hizo push a next en crtxcr/exile.h 2021-12-24 16:25:04 +01:00
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-24 16:22:27 +01:00
34b58c5b32 Add EXILE_FS_ALLOW_ALL_{READ,WRITE}
7131b15d1f pledge: Begin filter for setsockopt() args
c61ad47817 pledge: Add PROT_EXEC
Comparar 3 commits »
crtxcr hizo push a WIP/argsfilter en crtxcr/exile.h 2021-12-24 16:21:59 +01:00
9a95ad0c6a Add EXILE_FS_ALLOW_ALL_{READ,WRITE}
9d1b62b249 pledge: Begin filter for setsockopt() args
Comparar 2 commits »
crtxcr creó rama WIP/readme en crtxcr/exile.h 2021-12-21 19:31:46 +01:00
crtxcr hizo push a WIP/readme en crtxcr/exile.h 2021-12-21 19:31:46 +01:00
d44ae8e74e fixup! Update README
be78f6a1c0 Update README
c41eb21ff6 Remove sys/capability.h inclusion, we only need linux/capability.h
Comparar 3 commits »