fortify

Author	SHA1	Message	Date
Ophestra	ff30a5ab5d	fst: remove empty file Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-21 19:27:08 +09:00
Ophestra	c64b8163e7	app: separate instance from process state This works better for the implementation. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-21 16:06:24 +09:00
Ophestra	3c80fd2b0f	app: defer system.I revert Just returning an error after a successful call of commit will leave garbage behind with no way for the caller to clean them. This change ensures revert is always called after successful commit with at least per-process state enabled. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 21:12:11 +09:00
Ophestra	ef81828e0c	app: remove share method This is yet another implementation detail from before system.I, getting rid of this vastly cuts down on redundant seal state. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 16:20:25 +09:00
Ophestra	648e1d641a	app: separate interface from implementation Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:07:28 +09:00
Ophestra	3c327084d3	fst: declare wrappers for sandbox config Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:04:13 +09:00
Ophestra	bf95127332	fst: move App interface declaration Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 22:36:45 +09:00
Ophestra	e0f321b2c4	sys: rename from linux Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 18:47:48 +09:00
Ophestra	90cb01b274	system: move out of internal Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 19:00:43 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	cc1efa22e2	fst: add missing fields to template Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 12:09:25 +09:00
Ophestra	9a239fa1a5	helper/bwrap: integrate seccomp into helper interface This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 01:52:57 +09:00
Ophestra	dfcdc5ce20	state: store config in separate gob stream This enables early serialisation of config. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-21 12:10:58 +09:00
Ophestra	27f5922d5c	fst: include syscall filter configuration This value is passed through to shim. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-20 21:12:39 +09:00
Ophestra	562f5ed797	fst: hide sockets exposed via Filesystem This is mostly useful for permissive defaults. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 10:13:18 +09:00
Ophestra	db03565614	fst: move sandbox struct to separate file Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 09:42:44 +09:00
Ophestra	a1148edd00	fst/config: allocate filesystem slice Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-04 00:16:41 +09:00
Ophestra	35b7142317	fortify: show system info when instance is not specified This contains useful information not obtainable by external tools. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-01 19:35:50 +09:00
Ophestra	b9e2003d5b	app: ensure extra paths The primary use case for extra perms is app-specific state directories, which may or may not exist (first run of any app). Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 14:07:49 +09:00
Ophestra	847b667489	app: extra acl entries from configuration Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 13:23:27 +09:00
Ophestra	85e5b097fd	fst/config: add template etc entry Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 12:05:32 +09:00
Ophestra	fc26659ea1	fst/config: autoetc read custom path Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 18:57:44 +09:00
Ophestra	2fdbd6a4dd	fst/config: alternative /etc directory This is useful for static /etc directories provided by self-contained application packages, or in cases where autoetc is useful for paths other than /etc. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 18:06:26 +09:00
Ophestra	c67b8ab9ac	fst/config: improve correctness of comments The meanings of many of these fields have changed since they were added. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 00:45:29 +09:00
Ophestra	7a8b625a57	app: rename /fortify to /.fortify Also removed the inner share tmpfs mount. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-21 18:11:32 +09:00
Ophestra Umiker	df6fc298f6	migrate to git.gensokyo.uk/security/fortify Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-20 00:20:02 +09:00
Ophestra Umiker	5ea7333431	fst: implement app id parser Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-19 18:19:47 +09:00
Ophestra Umiker	2f676c9d6e	fst: rename from fipc Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-18 15:50:46 +09:00

28 Commits

No results found.