aboutsummaryrefslogtreecommitdiff
path: root/sandbox.c
AgeCommit message (Expand)Author
2023-06-09fix sandbox_server_processOmar Polo
2023-06-08provide sandbox_main_process on !OpenBSDOmar Polo
2023-06-08rework the daemon to do fork+execOmar Polo
2023-06-06use fatal() in code used in the daemonOmar Polo
2023-06-06switch to the more usual log.cOmar Polo
2023-06-06rename log.[ch] to logger.[ch]Omar Polo
2023-06-05provide a more usual fatalOmar Polo
2023-05-08send capsicum/landlock/seccomp hack to ValhallaOmar Polo
2023-05-08drop landlock/seccomp and capsicum supportOmar Polo
2022-11-27adjust pledge/unveil on OpenBSDOmar Polo
2022-10-05make the various strings in the config fixed-lengthOmar Polo
2022-09-06optionally disable the sandbox on some systemsOmar Polo
2022-09-06gc sandbox_executor_processOmar Polo
2022-09-06get rid of the CGI supportOmar Polo
2022-03-19const-ify some tablesOmar Polo
2022-02-13tightens seccomp filter: allow only openat(O_RDONLY)Omar Polo
2022-02-13sort syscalls in seccomp filterOmar Polo
2022-02-13Allow Arch-Armv7 syscalls in sandbox.cTobias Berger
2022-02-10fix landlock usageOmar Polo
2021-12-11[seccomp] allow ugetrlimit(2), needed by glibc on armv7lMax
2021-10-18fmtOmar Polo
2021-10-09don't work around a missing -Wno-unused-parameterOmar Polo
2021-10-02enforce PR_SET_NO_NEW_PRIVS in the logger processOmar Polo
2021-09-26forgot includeOmar Polo
2021-09-26[seccomp] allow ioctl(FIONREAD)Omar Polo
2021-09-25refactor landlockOmar Polo
2021-09-19landlock the logger process tooOmar Polo
2021-09-19add helper function gmid_create_landlock_rsOmar Polo
2021-09-19landlock the server processOmar Polo
2021-07-23typoOmar Polo
2021-07-23allow fstat64Omar Polo
2021-07-09typoOmar Polo
2021-07-07style(9)-ifyOmar Polo
2021-07-03typoOmar Polo
2021-07-03fix seccomp filter for ppc64leOmar Polo
2021-07-02configure: add --disable-sandboxOmar Polo
2021-07-02reworked seccomp filterOmar Polo
2021-06-15allow sending fd to log on to the logger processOmar Polo
2021-05-09fastcgi: a first implementationOmar Polo
2021-04-30allow ``root'' rule to be specified per-location blockOmar Polo
2021-03-31list instead of fixed-size array for vhosts and locationsOmar Polo
2021-03-20[seccomp] allow prlimit64Omar Polo
2021-03-20move all sandbox-related code to sandbox.cOmar Polo
2021-02-23[seccomp] allow sendmsgOmar Polo
2021-02-23moving logging to its own processOmar Polo
2021-02-12accept4 -> acceptOmar Polo
2021-02-11use fatal instead of err/fprintf+exitOmar Polo
2021-02-11fix compilation on OSes without sandboxOmar Polo
2021-02-10[seccomp] allow newfstatat and gettimeofdayOmar Polo
2021-02-10[seccomp] epoll_wait(2) isn't available on every archOmar Polo