aboutsummaryrefslogtreecommitdiff
path: root/sandbox.c
AgeCommit message (Expand)Author
2021-10-02enforce PR_SET_NO_NEW_PRIVS in the logger processOmar Polo
2021-09-26forgot includeOmar Polo
2021-09-26[seccomp] allow ioctl(FIONREAD)Omar Polo
2021-09-25refactor landlockOmar Polo
2021-09-19landlock the logger process tooOmar Polo
2021-09-19add helper function gmid_create_landlock_rsOmar Polo
2021-09-19landlock the server processOmar Polo
2021-07-23typoOmar Polo
2021-07-23allow fstat64Omar Polo
2021-07-09typoOmar Polo
2021-07-07style(9)-ifyOmar Polo
2021-07-03typoOmar Polo
2021-07-03fix seccomp filter for ppc64leOmar Polo
2021-07-02configure: add --disable-sandboxOmar Polo
2021-07-02reworked seccomp filterOmar Polo
2021-06-15allow sending fd to log on to the logger processOmar Polo
2021-05-09fastcgi: a first implementationOmar Polo
2021-04-30allow ``root'' rule to be specified per-location blockOmar Polo
2021-03-31list instead of fixed-size array for vhosts and locationsOmar Polo
2021-03-20[seccomp] allow prlimit64Omar Polo
2021-03-20move all sandbox-related code to sandbox.cOmar Polo
2021-02-23[seccomp] allow sendmsgOmar Polo
2021-02-23moving logging to its own processOmar Polo
2021-02-12accept4 -> acceptOmar Polo
2021-02-11use fatal instead of err/fprintf+exitOmar Polo
2021-02-11fix compilation on OSes without sandboxOmar Polo
2021-02-10[seccomp] allow newfstatat and gettimeofdayOmar Polo
2021-02-10[seccomp] epoll_wait(2) isn't available on every archOmar Polo
2021-02-10allow epoll_waitOmar Polo
2021-02-08allow sigreturn and sigaction on linuxOmar Polo
2021-02-08fix seccomp for the new event loopOmar Polo
2021-01-28don't include err.h, gmid.h (via config.h) does thatOmar Polo
2021-01-25[seccomp] allow getrandomOmar Polo
2021-01-25we don't need unveil "x" in listenerOmar Polo
2021-01-24[seccomp] allow fcntl F_SETFDOmar Polo
2021-01-23fix dateOmar Polo
2021-01-23added missic copyright noticeOmar Polo
2021-01-21drop seccomp.h: not neededOmar Polo
2021-01-20fmtOmar Polo
2021-01-20allow clock_gettime and a bit of fmtOmar Polo
2021-01-20fix BPFOmar Polo
2021-01-20tighten the rules for fcntlOmar Polo
2021-01-20explain the poll messOmar Polo
2021-01-18__NR_poll doesn't seem to be defined on aarch64Omar Polo
2021-01-17[seccomp] allow also pollOmar Polo
2021-01-17we don't need to check for CGI anymoreOmar Polo
2021-01-17initial seccomp supportOmar Polo
2021-01-16split into two processes: listener and executorOmar Polo
2021-01-15sandbox also on FreeBSD with capsicumOmar Polo