fortify

Author	SHA1	Message	Date
Ophestra	2647a71be1	seccomp: move out of helper Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 22:42:40 +09:00
Ophestra	d1f83f40d6	helper/bwrap: rename Write to WriteFile In case this might want to be an io.Writer. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 00:34:19 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	1fa5e992e4	helper/bwrap: expose address of DataConfig This allows the caller to defer fulfilling its payload. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 12:33:59 +09:00
Ophestra	72b0160aad	helper/bwrap: implement file copy flags These are significantly more efficient and less error-prone than mounting an external tmpfile. This should also reduce attack surface as the resulting files are private to its specific sandbox. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 03:13:15 +09:00
Ophestra	be7d944b39	helper/bwrap: PositionalArg implement fmt.Stringer Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 00:11:48 +09:00
Ophestra	ace97952cc	helper/bwrap: merge Args and FDArgs Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 18:13:06 +09:00
Ophestra	88040504b2	helper/bwrap: remove fmsg import Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 18:05:00 +09:00
Ophestra	fe7d208cf7	helper: use generic extra files interface This replaces the pipes object and integrates context into helper process lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 23:34:15 +09:00
Ophestra	e14923ae53	helper/proc: move package out of internal Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-08 13:03:45 +09:00
Ophestra	7b96cd6ded	helper/seccomp: do not call F_println if not verbose This (slightly) improves performance. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 13:19:38 +09:00
Ophestra	163f15e93f	helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 12:59:11 +09:00
Ophestra	37780456a7	helper: block more unusual/privileged syscalls These are toggled by F_EXT and exposed as SyscallPolicy.Compat in the Go interface. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 12:35:47 +09:00
Ophestra	9a239fa1a5	helper/bwrap: integrate seccomp into helper interface This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 01:52:57 +09:00
Ophestra	2f70506865	helper/bwrap: move sync to helper state Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-19 18:38:13 +09:00
Ophestra	3e11ce6868	helper/bwrap: separate sequential/static args Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 13:07:06 +09:00
Ophestra	7d99e45b88	helper/bwrap: register OverlayConfig with gob This is required for copying bwrap configurations across processes. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-14 12:25:10 +09:00
Ophestra	e2489059c1	helper/bwrap: implement overlayfs builder Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-05 20:09:35 +09:00
Ophestra	2e3f6a4c51	helper/bwrap: move test out of bwrap package Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-05 19:45:24 +09:00
Ophestra	2162029f46	helper/bwrap: add json struct tag to filesystem Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-05 19:41:04 +09:00
Ophestra	aef847b5ae	helper/bwrap: fix typo in --dir config builder Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 15:34:43 +09:00
Ophestra Umiker	8d0573405a	helper/bwrap: implement sync fd This is required by wayland security-context-v1. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-06 04:21:37 +09:00
Ophestra Umiker	050ffceb27	helper/bwrap: register generic PermConfig types with gob Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-25 13:26:01 +09:00
Ophestra Umiker	184a5f29fa	helper/bwrap: add fortify permissive default test case Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-15 02:56:13 +09:00
Ophestra Umiker	3015266e5a	helper/bwrap: sort SetEnv arguments This guarantees consistency of resulting args. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-15 02:55:48 +09:00
Ophestra Umiker	2faf510146	helper/bwrap: ordered filesystem args The argument builder was written based on the incorrect assumption that bwrap arguments are unordered. The argument builder is replaced in this commit to correct that mistake. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-15 02:15:55 +09:00
Ophestra Umiker	a0db19b9ad	helper/bwrap: format mode in octal Bubblewrap expects an octal representation of mode. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-14 13:47:50 +09:00
Ophestra Umiker	aee96b0fdf	helper/bwrap: allow pushing generic arguments to the end of argument stream Bwrap argument order determines the order their corresponding actions are performed. This allows generic arguments like tmpfs to the end of the stream to override bind mounts. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-13 02:26:01 +09:00
Ophestra Umiker	713872a5cd	helper/bwrap: move interfaceArgs before stringArgs Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-11 04:12:47 +09:00
Ophestra Umiker	101e49a48b	helper/bwrap: proc, dev and mqueue as string arguments These flags do not support --chmod. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-11 01:30:11 +09:00
Ophestra Umiker	b99ed94386	helper/bwrap: pass --unshare-user when unshare everything Bubblewrap apparently requires --unshare-user even when --unshare-all is set to apply --disable-userns. This behaviour is not clearly documented. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-09 00:22:48 +09:00
Ophestra Umiker	6a2802cf30	helper: move bwrap into helper Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-07 14:40:35 +09:00

32 Commits

No results found.