security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

internal/sys: wrap getuid/getgid
All checks were successful
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m34s
Details
Test / Fpkg (push) Successful in 3m26s
Details
Test / Data race detector (push) Successful in 4m8s
Details
Test / Flake checks (push) Successful in 50s
Details

Browse Source 
Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-03-17 17:10:03 +09:00
parent af3619d440
commit 7c063833e0
4 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
fst/sandbox.go
View File

@@ -47,7 +47,7 @@ type SandboxConfig struct {
// SandboxSys encapsulates system functions used during the creation of [bwrap.Config].
type SandboxSys interface {
Geteuid() int
Getuid() int
Paths() Paths
ReadDir(name string) ([]fs.DirEntry, error)
EvalSymlinks(path string) (string, error)
@@ -73,7 +73,7 @@ func (s *SandboxConfig) Bwrap(sys SandboxSys, uid *int) (*bwrap.Config, error) {
} else {
// some programs fail to connect to dbus session running as a different uid, so a separate workaround
// is introduced to map priv-side caller uid in namespace
*uid = sys.Geteuid()
*uid = sys.Getuid()
}
conf := (&bwrap.Config{