woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,148 Commits 2 Branches 0 Tags 1.5 MiB
02458084fe
Commit Graph

111 Commits

Author SHA1 Message Date
Robert Swiecki
3c03973f1f configs/*: use KILL_PROCESS instead of KILL(_THREAD) when posssible 2022-02-07 17:23:31 +01:00
Robert Swiecki
6a99755e43 configs/imagemagick-convert: missing quote 2022-02-07 01:08:35 +01:00
Robert Swiecki
2b6a093e09 configs/firefox-with-net-wayland.cfg: retain original WAYLAND_DISPLAY value 2021-09-29 09:48:11 +02:00
Robert Swiecki
4909f45fe0 configs: firefox+wayland example 2021-08-11 00:31:31 +02:00
Robert Swiecki
8ce33a17ec configs/imagemagick: alternative file conversion command 2021-08-10 17:46:44 +02:00
Robert Swiecki
3ac7856b67 configs/ - add comments to config files using # 2021-05-05 13:50:51 +02:00
Robert Swiecki
2ca90bf208 configs/: indent 2019-10-29 01:40:52 +01:00
Robert Swiecki
a78019993f configs/znc: remove a problematic quote 2019-10-04 00:35:36 +02:00
Robert Swiecki
b3d544d155 config: simplify log/logfd setting 2019-10-02 19:43:58 +02:00
Robert Swiecki
0b12cedc01 configs: new config for znc - remove log_fd 2019-10-02 08:28:23 +02:00
Robert Swiecki
af9d4294d9 configs: new config for znc 2019-10-01 08:27:17 +02:00
Robert Swiecki
64275d1417 configs/xchat: daemonize by default 2019-09-28 23:00:21 +02:00
Robert Swiecki
2044488520 configs/imagemagick-convert: add madvise 2019-07-12 16:07:06 +02:00
Robert Swiecki
c861be28a9 configs/image-magic: make convert be overridable 2019-04-01 23:32:06 +02:00
Robert Swiecki
7b8da74e9f configs/firefox-with-cloned-net: add fontconfig config envvars 2019-03-30 16:20:04 +01:00
Robert Swiecki
8b339db721 configs/firefox: add fontconfig config envvars 2019-03-30 16:19:30 +01:00
Robert Swiecki
e3db427f0b configs/conver: revert the last one to properly figure it out 2019-03-30 15:49:18 +01:00
Disconnect3d
e6abcae13b
Fixes issue #113 2019-03-29 23:48:56 +01:00
Adam Carheden
6f7a3fb8e9 Added example config for tomcat 2019-02-27 14:11:49 -07:00
Robert Swiecki
fafef711ad configs/xorg: add /dev/[u]random 2019-01-20 21:41:10 +01:00
Robert Swiecki
c7dd18c612 cmdline: add ability to passthrough current envvars 2018-10-28 17:15:55 +01:00
Robert Swiecki
71edb5836a configs/xchat: add LANG 2018-10-25 14:10:23 +02:00
Wiktor Garbacz
1bb58083c4 use new kafel features in configs and examples 2018-09-06 14:19:01 +02:00
Robert Swiecki
5a8a178290 configs/bash: add noexec/nodev/nosuid to a mount 2018-07-27 22:54:28 +02:00
Robert Swiecki
06c5818abd configs/bash: add stderr_to_null 2018-06-25 04:12:07 +02:00
Robert Swiecki
a30f2ddf12 configs/firefox - global user must be specified because of X11 permissions 2018-06-01 23:39:07 +02:00
Robert Swiecki
2d5e90cd04 configs/firefox: no need to specify local users 2018-06-01 17:06:46 +02:00
Robert Swiecki
4e243825df configs: /etc/machine-id doesn't seem required 2018-06-01 12:22:03 +02:00
Robert Swiecki
e3fae9b4d5 configs/firefox: disable clone_newnet for regular-user-firefox 2018-06-01 12:19:35 +02:00
Robert Swiecki
4c251fb593 configs: updated and synchronized for firefox 2018-06-01 12:17:27 +02:00
Robert Swiecki
bb5f8362b5 configs/ - typo 2018-02-20 15:54:28 +01:00
Robert Swiecki
e55ab672c2 configs: use rlimit_cpu_type instead of rlimit_cpu: 18446744073709551615 2017-12-07 15:35:52 +01:00
Robert Swiecki
f31d539e72 configs/ #typos 2017-12-07 15:06:31 +01:00
Robert Swiecki
928e5344f1 New config for xchat2 #typos 2017-12-07 15:03:23 +01:00
Robert Swiecki
86b6789bed New config for xchat2 2017-12-07 14:39:19 +01:00
Robert Swiecki
750d37aefd configs/firefox*: add fontconfig 2017-12-05 22:23:48 +01:00
Robert Swiecki
8fe58806f2 configs/imagemagick: more syscalls allowed 2017-12-05 22:13:00 +01:00
Robert Swiecki
5c8397860c configs: some fixes thanks to the write-up at https://offbyinfinity.com/2017/12/sandboxing-imagemagick-with-nsjail/ 2017-12-05 15:01:27 +01:00
Robert Swiecki
805ceb4363 configs/ increas rlimit_nofile for firefox 2017-10-26 02:43:40 +02:00
Robert Swiecki
a415506619 configs/busybox: indicate that the busybox must be statically compiled 2017-10-20 14:46:43 +02:00
Robert Swiecki
9c2f19b972 cmdline: add option --execute_fd and support for it, in order to use execveat() 2017-10-18 17:57:52 +02:00
Robert Swiecki
dbc6fab582 config: allow to use soft/hard/inf limits for rlimits 2017-10-06 22:44:27 +02:00
Robert Swiecki
3ae090dad2 configs: format seccomp policies 2017-09-27 15:49:12 +02:00
Robert Swiecki
374f6cc4f0 config: Initial work on converting config.c to c++ protobuf lib 
config: Initial work on converting config.c to c++ protobuf lib #2

config: Initial work on converting config.c to c++ protobuf lib #3

config: Initial work on converting config.c to c++ protobuf lib #4

config: Initial work on converting config.c to c++ protobuf lib #5

config: Initial work on converting config.c to c++ protobuf lib #6
 2017-09-14 21:17:38 +02:00
Robert Swiecki
43e402af06 configs/bash: bring back changed euid for bash 2017-07-13 02:34:18 +02:00
Robert Swiecki
5683ea7e09 cmdline: better warning about uid/gid 0 2017-07-13 02:33:11 +02:00
Robert Swiecki
b389fcdc3d configs/apache: spaces to tabs 2017-07-07 19:12:42 +02:00
Robert Swiecki
83cb1f2764 configs/apache: remove cpu limit and unnecessary is_bind 2017-07-07 19:11:56 +02:00
Robert Swiecki
6c71def056 configs/apache: remove ld.so.cache 2017-07-07 19:06:04 +02:00
Robert Swiecki
7146a8761c examples/apache: sort the entries again 2017-07-07 12:08:26 +02:00