aboutsummaryrefslogtreecommitdiff
path: root/sandbox.c
AgeCommit message (Expand)Author
2022-11-27adjust pledge/unveil on OpenBSDOmar Polo
2022-10-05make the various strings in the config fixed-lengthOmar Polo
2022-09-06optionally disable the sandbox on some systemsOmar Polo
2022-09-06gc sandbox_executor_processOmar Polo
2022-09-06get rid of the CGI supportOmar Polo
2022-03-19const-ify some tablesOmar Polo
2022-02-13tightens seccomp filter: allow only openat(O_RDONLY)Omar Polo
2022-02-13sort syscalls in seccomp filterOmar Polo
2022-02-13Allow Arch-Armv7 syscalls in sandbox.cTobias Berger
2022-02-10fix landlock usageOmar Polo
2021-12-11[seccomp] allow ugetrlimit(2), needed by glibc on armv7lMax
2021-10-18fmtOmar Polo
2021-10-09don't work around a missing -Wno-unused-parameterOmar Polo
2021-10-02enforce PR_SET_NO_NEW_PRIVS in the logger processOmar Polo
2021-09-26forgot includeOmar Polo
2021-09-26[seccomp] allow ioctl(FIONREAD)Omar Polo
2021-09-25refactor landlockOmar Polo
2021-09-19landlock the logger process tooOmar Polo
2021-09-19add helper function gmid_create_landlock_rsOmar Polo
2021-09-19landlock the server processOmar Polo
2021-07-23typoOmar Polo
2021-07-23allow fstat64Omar Polo
2021-07-09typoOmar Polo
2021-07-07style(9)-ifyOmar Polo
2021-07-03typoOmar Polo
2021-07-03fix seccomp filter for ppc64leOmar Polo
2021-07-02configure: add --disable-sandboxOmar Polo
2021-07-02reworked seccomp filterOmar Polo
2021-06-15allow sending fd to log on to the logger processOmar Polo
2021-05-09fastcgi: a first implementationOmar Polo
2021-04-30allow ``root'' rule to be specified per-location blockOmar Polo
2021-03-31list instead of fixed-size array for vhosts and locationsOmar Polo
2021-03-20[seccomp] allow prlimit64Omar Polo
2021-03-20move all sandbox-related code to sandbox.cOmar Polo
2021-02-23[seccomp] allow sendmsgOmar Polo
2021-02-23moving logging to its own processOmar Polo
2021-02-12accept4 -> acceptOmar Polo
2021-02-11use fatal instead of err/fprintf+exitOmar Polo
2021-02-11fix compilation on OSes without sandboxOmar Polo
2021-02-10[seccomp] allow newfstatat and gettimeofdayOmar Polo
2021-02-10[seccomp] epoll_wait(2) isn't available on every archOmar Polo
2021-02-10allow epoll_waitOmar Polo
2021-02-08allow sigreturn and sigaction on linuxOmar Polo
2021-02-08fix seccomp for the new event loopOmar Polo
2021-01-28don't include err.h, gmid.h (via config.h) does thatOmar Polo
2021-01-25[seccomp] allow getrandomOmar Polo
2021-01-25we don't need unveil "x" in listenerOmar Polo
2021-01-24[seccomp] allow fcntl F_SETFDOmar Polo
2021-01-23fix dateOmar Polo
2021-01-23added missic copyright noticeOmar Polo
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-22 09:38:25 +0000