df6fc298f6
migrate to git.gensokyo.uk/security/fortify
...
Tests / Go tests (push) Successful in 2m55s
Nix / NixOS tests (push) Successful in 5m10s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-12-20 00:20:02 +09:00
4b7b899bb3
add package doc comments
...
test / test (push) Successful in 19s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-28 20:57:59 +09:00
65af1684e3
migrate to git.ophivana.moe/security/fortify
...
test / test (push) Successful in 14s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-20 19:50:13 +09:00
33cf0bed54
dbus: various accessors for dbus.Proxy internal fields
...
These values are useful during sandbox setup and exporting them makes more sense than storing them twice.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-16 01:27:49 +09:00
2faf510146
helper/bwrap: ordered filesystem args
...
The argument builder was written based on the incorrect assumption that bwrap arguments are unordered. The argument builder is replaced in this commit to correct that mistake.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-15 02:15:55 +09:00
0f421644be
dbus: improve unsealed behaviour coverage
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-12 00:53:08 +09:00
d41b9d2d9c
ldd: separate Parse from Exec and trim space
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-09 23:51:15 +09:00
753c5191b1
dbus/run: support running xdg-dbus-proxy in a restrictive bubblewrap sandbox
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-09 20:41:42 +09:00
55a5b6f242
dbus: use name resolved by exec.Command
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-07 16:55:27 +09:00
85407dd3c0
helper: helper.Helper interface
...
For upcoming bwrap implementation of helper.Helper
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-07 15:37:52 +09:00
9647eb6a6b
helper: separate pipes from Helper
...
Upcoming bwrap helper implementation requires two sets of pipes to be managed, fd will also no longer be constant.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-07 12:48:20 +09:00
d1415305ae
dbus: test child process handling behaviour via helper stub
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-29 15:49:32 +09:00
98f9fdb7cc
dbus: configurable xdg-dbus-proxy output
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-29 15:27:29 +09:00
dc59f20d7b
dbus: toggleable xdg-dbus-proxy output
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-29 15:24:54 +09:00
0e7849fac2
dbus: add more test cases
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-28 19:19:31 +09:00
342c66aae8
dbus: replace test suffix * with +
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-28 17:47:15 +09:00
cf182d1fbe
dbus: seal test error check for correct error returned
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-28 17:00:20 +09:00
1038af98f0
dbus: add tests
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-28 00:06:16 +09:00
aa2be18f47
dbus/config: implement file loading functions
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-27 23:53:08 +09:00
84d8c27b5f
dbus: return exported error for nil config
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-27 23:52:38 +09:00
ee2f5ed6ac
dbus/config: remove unused method
...
Null checking is replaced by helper/args while string building is no longer required.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-27 12:04:28 +09:00
8492239cba
helper/args: simplify argument parsing and eliminate excess memory copies
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-25 14:00:30 +09:00
a8b4b3634b
dbus: use generalised helper.Helper for xdg-dbus-proxy
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-25 01:17:38 +09:00
be83ad838c
dbus: assert fmt.Stringer instead of helper.Args on argument seal
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-24 19:37:50 +09:00
b722adc4dd
dbus: seal as io.WriterTo interface
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-24 18:03:05 +09:00
000607da5f
helper: separate helper args fd builder from dbus
...
This method of passing arguments is used in bubblewrap as well as other tools, this commit separates the argument builder/writer to the helper package and generalise it as an interface.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-24 16:11:08 +09:00
8223a9ee66
enable filter in README example
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-11 16:35:23 +09:00
20c0e66d8f
dbus/config: seal with session and system bus proxy
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-09 21:13:00 +09:00
e5918ba3b3
dbus/config: fix builtin defaults
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-09 19:20:37 +09:00
35d040590b
dbus/config: document fields and add --call and --broadcast
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-09 13:27:31 +09:00
357cc4ce4d
dbus: implement xdg-dbus-proxy wrapper
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-09-09 03:11:50 +09:00