root/xz - xz - Root on GIT

Commit Graph

Author	SHA1	Message	Date
Lasse Collin	cae9a5e0bf	xz: Use stricter pledge(2) and Landlock sandbox. This makes these sandboxing methods stricter when no files are created or deleted. That is, it's a middle ground between the initial sandbox and the strictest single-file-to-stdout sandbox: this allows opening files for reading but output has to go to stdout.	2024-02-17 23:07:35 +02:00
Lasse Collin	374868d81d	xz: Move sandboxing code to sandbox.c and improve Landlock sandbox. Landlock is now always used just like pledge(2) is: first in more permissive mode and later (under certain common conditions) in a strict mode that doesn't allow opening more files. I put pledge(2) first in sandbox.c because it's the simplest API to use and still somewhat fine-grained for basic applications. So it's the simplest thing to understand for anyone reading sandbox.c.	2024-02-17 23:07:35 +02:00

Author

SHA1

Message

Date

Lasse Collin

cae9a5e0bf

xz: Use stricter pledge(2) and Landlock sandbox.

This makes these sandboxing methods stricter when no files are
created or deleted. That is, it's a middle ground between the
initial sandbox and the strictest single-file-to-stdout sandbox:
this allows opening files for reading but output has to go to stdout.

2024-02-17 23:07:35 +02:00

Lasse Collin

374868d81d

xz: Move sandboxing code to sandbox.c and improve Landlock sandbox.

Landlock is now always used just like pledge(2) is: first in more
permissive mode and later (under certain common conditions) in
a strict mode that doesn't allow opening more files.

I put pledge(2) first in sandbox.c because it's the simplest API
to use and still somewhat fine-grained for basic applications.
So it's the simplest thing to understand for anyone reading sandbox.c.

2024-02-17 23:07:35 +02:00

2 Commits