Age | Commit message | Author | |
---|---|---|---|
2021-01-28 | don't include err.h, gmid.h (via config.h) does that | Omar Polo | |
2021-01-25 | [seccomp] allow getrandom | Omar Polo | |
2021-01-25 | we don't need unveil "x" in listener | Omar Polo | |
not a big deal, since the pledge prohibits us to exec, but nevertheless. | |||
2021-01-24 | [seccomp] allow fcntl F_SETFD | Omar Polo | |
musl does a F_SETFD in its fdopendir | |||
2021-01-23 | fix date | Omar Polo | |
2021-01-23 | added missing copyright notice | Omar Polo | |
2021-01-21 | drop seccomp.h: not needed | Omar Polo | |
2021-01-20 | fmt | Omar Polo | |
2021-01-20 | allow clock_gettime and a bit of fmt | Omar Polo | |
alpine on amd64 (under OpenBSD vmd) tries to do a clock_gettime. I don't know why, but it doesn't seem a problem to allow it. | |||
2021-01-20 | fix BPF | Omar Polo | |
2021-01-20 | tighten the rules for fcntl | Omar Polo | |
allow only the F_GETFL and F_SETFL commands | |||
2021-01-20 | explain the poll mess | Omar Polo | |
2021-01-18 | __NR_poll doesn't seem to be defined on aarch64 | Omar Polo | |
2021-01-17 | [seccomp] allow also poll | Omar Polo | |
on the latest fedora glibc uses poll. On the other linux distro I tried (void), musl is probably providing poll as a ppoll wrapper. | |||
2021-01-17 | we don't need to check for CGI anymore | Omar Polo | |
2021-01-17 | initial seccomp support | Omar Polo | |
2021-01-16 | split into two processes: listener and executor | Omar Polo | |
this way, we can sandbox the listener with seccomp (todo) or capsicum (already done) and still have CGI scripts. When we want to exec, we tell the executor what to do, the executor executes the scripts and sends the fd back to the listener. | |||
2021-01-15 | sandbox also on FreeBSD with capsicum | Omar Polo | |