root/xz - xz - Root on GIT

Commit Graph

Author	SHA1	Message	Date
Lasse Collin	374868d81d	xz: Move sandboxing code to sandbox.c and improve Landlock sandbox. Landlock is now always used just like pledge(2) is: first in more permissive mode and later (under certain common conditions) in a strict mode that doesn't allow opening more files. I put pledge(2) first in sandbox.c because it's the simplest API to use and still somewhat fine-grained for basic applications. So it's the simplest thing to understand for anyone reading sandbox.c.	2024-02-17 23:07:35 +02:00

Author

SHA1

Message

Date

Lasse Collin

374868d81d

xz: Move sandboxing code to sandbox.c and improve Landlock sandbox.

Landlock is now always used just like pledge(2) is: first in more
permissive mode and later (under certain common conditions) in
a strict mode that doesn't allow opening more files.

I put pledge(2) first in sandbox.c because it's the simplest API
to use and still somewhat fine-grained for basic applications.
So it's the simplest thing to understand for anyone reading sandbox.c.

2024-02-17 23:07:35 +02:00

1 Commits