security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

sandbox: wrap fmsg interface
All checks were successful
Test / Create distribution (push) Successful in 24s
Details
Test / Fortify (push) Successful in 2m27s
Details
Test / Fpkg (push) Successful in 3m36s
Details
Test / Data race detector (push) Successful in 4m16s
Details
Test / Flake checks (push) Successful in 55s
Details

Browse Source 
Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-03-17 02:31:46 +09:00
parent ee10860357
commit 9a1f8e129f
32 changed files with 270 additions and 194 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/fpkg/main.go
View File

@@ -38,10 +38,10 @@ func init() {
func main() {
// early init path, skips root check and duplicate PR_SET_DUMPABLE
sandbox.TryArgv0()
sandbox.TryArgv0(fmsg.Output{}, fmsg.Prepare, internal.InstallFmsg)
init0.TryArgv0()
if err := internal.SetDumpable(internal.SUID_DUMP_DISABLE); err != nil {
if err := sandbox.SetDumpable(sandbox.SUID_DUMP_DISABLE); err != nil {
log.Printf("cannot set SUID_DUMP_DISABLE: %s", err)
// not fatal: this program runs as the privileged user
}