security/fortify
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 25 Wiki Activity
422 Commits 5 Branches 25 Tags 2.3 MiB
163f15e93f
Commit Graph

3 Commits

Author SHA1 Message Date
Ophestra
163f15e93f
helper/seccomp: separate seccomp package
All checks were successful
Test / Create distribution (push) Successful in 1m39s
Details
Test / Run NixOS test (push) Successful in 3m31s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:59:11 +09:00
Ophestra
37780456a7
helper: block more unusual/privileged syscalls
All checks were successful
Test / Create distribution (push) Successful in 1m44s
Details
Test / Run NixOS test (push) Successful in 3m35s
Details 
These are toggled by F_EXT and exposed as SyscallPolicy.Compat in the Go interface.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:35:47 +09:00
Ophestra
9a239fa1a5
helper/bwrap: integrate seccomp into helper interface
All checks were successful
Build / Create distribution (push) Successful in 1m36s
Details
Test / Run NixOS test (push) Successful in 3m40s
Details 
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 01:52:57 +09:00