82a072f641
system/tmpfiles: implement private tmpfiles
...
These are only available within the mount namespace and should significantly reduce attack surface.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 00:07:52 +09:00
c667b13a00
system: separate link Op implementation
...
This Op would still be useful after replacing the Tmpfiles interface, so isolate it here.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 12:15:26 +09:00
f955b15b84
system: remove write mode tmpfiles
...
This interface is ugly and bug-prone. This change removes its write mode which has been obsoleted by CopyBind.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 03:22:20 +09:00
df6fc298f6
migrate to git.gensokyo.uk/security/fortify
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-12-20 00:20:02 +09:00
65af1684e3
migrate to git.ophivana.moe/security/fortify
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-10-20 19:50:13 +09:00
679e719f9e
system: tests for all Op implementations except DBus
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-10-17 20:28:55 +09:00
