maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity

container: optionally isolate host abstract UNIX domain sockets via landlock

Browse Source
This commit is contained in:
Clayton Gilmer
2025-08-18 12:00:52 +09:00
committed by Ophestra
parent 69a4ab8105
commit 5db0714072
17 changed files with 375 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hst/config.go
View File

@@ -79,6 +79,8 @@ type (
Userns bool `json:"userns,omitempty"`
// share host net namespace
Net bool `json:"net,omitempty"`
// share abstract unix socket scope
Abstract bool `json:"abstract,omitempty"`
// allow dangerous terminal I/O
Tty bool `json:"tty,omitempty"`
// allow multiarch