Albert S. crtxcr
0 關註者 · 0 關註中
儲存庫列表
23
 Projects Packages 公開活動 Starred Repositories
crtxcr closed issue crtxcr/exile.h#15 2021-09-05 17:09:05 +02:00
test.sh is too shaky with seccomp
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 16:53:42 +02:00
91a9b778eb test: Remove argc,argv from tests as there was no use for them
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 16:51:02 +02:00
91ae11bd0a test: Refactor: Put seccomp tests into child processes ; Simplfy .sh
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 12:32:24 +02:00
83487c1699 test: implement test_seccomp_errno()
430044bb95 test: test_seccomp_blacklisted_call_permitted(): Add missing default policy
443203aac4 README.md: Update
da19843875 test: Add test ensuring seccomp ends with default rule, minor fixes
比較 4 提交 »
crtxcr synced commits to master at crtxcr/hs9001 from mirror 2021-08-19 22:24:56 +02:00
3a6a1b2aa9 bash-ctrlr: Improve reverse bash search performance
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-16 23:34:07 +02:00
89c5496fab README.md: Update
f79e3f42c4 test: Add test ensuring seccomp adds with default rule, minor fixes
06218966ac check_policy_sanity(): Add syscall policy checks
18940b312c test.sh: Log exit code, print yes/no instead of 1/0
比較 4 提交 »
crtxcr opened issue crtxcr/exile.h#15 2021-08-16 23:22:42 +02:00
test.sh is too shaky with seccomp
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-15 19:00:01 +02:00
b6c3171619 fixup! WIP! Rewrite syscall policy logic
8f222d93a0 fixup! policy: Add disable_syscall_filter policy. Add defaults only on enable.
ad9afc6de4 fixup! policy: Add disable_syscall_filter policy. Add defaults only on enable.
0f9bf246a9 policy: Add disable_syscall_filter policy. Add defaults only on enable.
b2a0c1f39d qssb_entry_append(): Check for overflow
比較 8 提交 »
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-12 22:01:40 +02:00
a0d2cbd895 WIP! Rewrite syscall policy logic
crtxcr opened issue crtxcr/exile.h#14 2021-08-12 12:48:48 +02:00
seccomp: support Deny -> Permit -> Default Deny
crtxcr created pull request crtxcr/exile.h#13 2021-08-12 12:31:00 +02:00
WIP/fixbpf
crtxcr closed pull request crtxcr/exile.h#11 2021-08-12 12:30:41 +02:00
WIP/nofs
crtxcr opened issue crtxcr/exile.h#12 2021-08-12 12:30:15 +02:00
Allow x32 system calls
crtxcr created branch WIP/fixbpf in crtxcr/exile.h 2021-08-12 12:29:34 +02:00
crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-12 12:29:34 +02:00
51844ea3ab bpf: Deny x32 system calls for now
66c6d28dcd bpf: Check arch value
5cd45c09b7 bpf: Use SECCOMP_RET_KILL_PROCESS instead SECCOMP_RET_KILL
比較 3 提交 »
crtxcr pushed to master at crtxcr/exile.h 2021-08-12 11:38:45 +02:00
fa06287b13 Use new qssb_append_*_syscall functions, remove old fields
68694723fe Begin qssb_append_*_syscall family of functions
4a4d551e75 Introduce "no_fs" and "no_new_fd" options.
比較 3 提交 »
crtxcr pushed to WIP/nofs at crtxcr/exile.h 2021-08-12 11:38:20 +02:00
fa06287b13 Use new qssb_append_*_syscall functions, remove old fields
68694723fe Begin qssb_append_*_syscall family of functions
692c9b54b7 Use new qssb_append_*_syscall functions, remove old fields
06b0977fca fixup! Begin qssb_append_*_syscall family of functions
93e44bf235 Begin qssb_append_*_syscall family of functions
比較 5 提交 »
crtxcr created pull request crtxcr/exile.h#11 2021-08-11 20:55:05 +02:00
WIP/nofs
crtxcr pushed to WIP/nofs at crtxcr/exile.h 2021-08-11 20:54:45 +02:00
692c9b54b7 Use new qssb_append_*_syscall functions, remove old fields
06b0977fca fixup! Begin qssb_append_*_syscall family of functions
93e44bf235 Begin qssb_append_*_syscall family of functions
比較 3 提交 »
crtxcr pushed to WIP/nofs at crtxcr/exile.h 2021-08-10 16:59:28 +02:00
4a4d551e75 Introduce "no_fs" and "no_new_fd" options.
57238b535c Expand disallowed system calls
b4e8116c20 seccomp_enable_whitelist(): Fix comment
8fb15f3727 Introduce "no_fs" and "no_new_fd" options.
比較 4 提交 »