summaryrefslogtreecommitdiff
path: root/lib/sandbox.c
Commit message (Expand)AuthorAge
* Update syscall lists from systemd ab9617a766Colin Watson2023-08-07
* sandbox: Work around FirebuildColin Watson2023-03-10
* Update syscall lists from systemd fc2a0bc05eColin Watson2023-01-14
* Convert many more ints to boolsColin Watson2022-10-08
* Simplify static analysis of fatal errorsColin Watson2022-01-30
* Move some more declarations out of manconfig.hColin Watson2022-01-16
* Move debug-related declarations out of manconfig.hColin Watson2022-01-16
* Use MAYBE_UNUSED rather than _GL_UNUSEDColin Watson2022-01-09
* Reduce overhead of MAN_DISABLE_SECCOMP=1Colin Watson2022-01-03
* Add an SC_ALLOW_PERMISSIVE macroColin Watson2022-01-01
* Introduce pre-commitColin Watson2022-01-01
* Allow clock_gettime64; return ENOSYS so libcs can engage fallbacksS. Gilles2020-08-22
* Simplify some GCC attribute handlingColin Watson2019-08-24
* sandbox: Allow getrandom, used by Hardened MallocColin Watson2019-08-21
* sandbox: Reorganise using @system-service setColin Watson2019-08-21
* sandbox: Set default action to EPERM, not TRAPColin Watson2019-08-21
* sandbox: Allow sendmsg in the ESET caseColin Watson2019-08-14
* Update syscall lists from systemd bca5a0eaccColin Watson2019-08-03
* Fix warnings when configuring --without-libseccompColin Watson2019-03-03
* Improve sandbox_freeColin Watson2019-02-04
* Use bool type where appropriateColin Watson2019-01-26
* sandbox: Work around Microsoft SCEPColin Watson2019-01-05
* sandbox: Improve ESET compatibility furtherColin Watson2018-07-16
* sandbox: Allow some shared memory operationsColin Watson2018-07-15
* sandbox: Allow sched_getaffinityColin Watson2018-04-22
* sandbox: Allow sibling architectures on x86 etc.Colin Watson2018-03-30
* sandbox: Tighten up storage classesColin Watson2018-03-17
* sandbox: Allow kill and tgkill outrightColin Watson2018-03-17
* sandbox: Allow madviseColin Watson2018-03-17
* sandbox: Handle qemu-user returning EFAULTColin Watson2018-02-28
* sandbox: Add some more ESET affordancesColin Watson2018-02-28
* sandbox: Work around snoopyColin Watson2018-02-25
* sandbox: Generalise libesets_pac.so check slightlyColin Watson2018-02-25
* sandbox: Handle /etc/ld.so.preloadColin Watson2018-02-20
* sandbox: Work around ESET File SecurityColin Watson2018-02-19
* sandbox: Allow ioctl(fd, TIOCGWINSZ)Colin Watson2018-02-19
* sandbox: Allow kill/tgkill for current processColin Watson2018-02-14
* Use HTTPS URLs where possibleColin Watson2018-02-09
* sandbox: Allow mremapColin Watson2018-02-08
* Refactor sandbox attachment to be more composableColin Watson2018-02-07
* Fix seccomp sandbox build on Linux/POWERColin Watson2018-02-05
* Allow ioctl (..., TCGETS, ...)Colin Watson2018-02-04
* sandbox: Cope with missing CONFIG_SECCOMP_FILTERColin Watson2018-01-03
* Allow sync_file_range2 syscallColin Watson2018-01-03
* Fix seccomp sandbox on Linux/ARMColin Watson2018-01-03
* Confine most untrusted data handling using seccompColin Watson2017-12-03
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 17:18:08 +0000