woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,095 Commits 2 Branches 0 Tags 1.5 MiB
3342a8d483
Commit Graph

106 Commits

Author SHA1 Message Date
Robert Swiecki
39ce9d22a7 caps: just local caps 2017-07-05 17:29:57 +02:00
Robert Swiecki
54a522326f caps: simplify capability operations 2017-07-05 15:57:07 +02:00
Andy Pan
b2855a8164 Add back ERRNO(1337) for example config 2017-07-04 04:26:37 +08:00
Robert Swiecki
5a68595a5b mount: allow for non-mandatory symlinks 
mount: allow for non-mandatory symlinks
 2017-07-02 03:40:47 +02:00
Robert Swiecki
e4aba73385 Allow to create symlinks 2017-06-29 00:32:20 +02:00
Robert Swiecki
64f6232e9c config: rename the chrome profile 2017-06-22 16:12:56 +02:00
Robert Swiecki
cd17b43cb0 remove configs/config1.example 2017-06-22 02:28:02 +02:00
Robert Swiecki
de28b4d709 configs: demo policy for chrome 2017-06-22 01:37:18 +02:00
Robert Swiecki
69783dc200 config: max_cpu_num -> max_cpus 2017-06-21 17:52:16 +02:00
Robert Swiecki
89de032187 configs/bash: remove /dev/shm from bash cfg 2017-06-21 03:40:18 +02:00
Robert Swiecki
0c73e84af5 configs: add /dev/shm 2017-06-20 03:14:09 +02:00
Robert Swiecki
be083f6752 config: bind port to config 2017-06-19 23:52:56 +02:00
Robert Swiecki
ceaed43133 config: implement max_cpu_num in PB 2017-06-19 17:05:01 +02:00
Robert Swiecki
88d8570843 configs/bash: set argv[0] 2017-06-12 02:16:27 +02:00
Robert Swiecki
24002c606d configs/home-documents-with-xorg-no-net: add /dev/null 2017-05-29 19:24:14 +02:00
Robert Swiecki
35be622f80 configs:configs/home-documents-with-xorg-no-net Xorg socket as R/W 2017-05-29 19:03:37 +02:00
Robert Swiecki
593943ec3a configs/bash-with-fake-geteuid: block ptrace, fix description 2017-05-29 16:57:04 +02:00
Robert Swiecki
ca245f9cdb configs: typo 2017-05-29 15:01:34 +02:00
Robert Swiecki
6380474301 Simplify mountMount 2017-05-29 03:29:14 +02:00
Robert Swiecki
0271586e81 Get rid of pivot_root_only - achieve the same in different way 2017-05-29 03:11:32 +02:00
Robert Swiecki
285412c4dd configs/bash-with-fake-geteuid set home 2017-05-28 19:22:03 +02:00
Robert Swiecki
9dcb84572d configs/bash-with-fake-geteuid skip_setsid for job control 2017-05-28 19:21:22 +02:00
Robert Swiecki
785852ac22 configs/bash-with-fake-geteuid fancier PS1 2017-05-28 19:20:25 +02:00
Robert Swiecki
9db01ec991 config: implement keep caps 2017-05-28 19:17:48 +02:00
Robert Swiecki
8e00976f49 configs/imagemagick: increase rlimit_as 2017-05-28 17:42:15 +02:00
Robert Swiecki
6495f222ec configs/bash-with-fake-geteuid.cfg set TERM 2017-05-28 17:37:01 +02:00
Robert Swiecki
c42c372043 configs/home-documents-with-xorg-no-net.cfg: increase rlimit_as 2017-05-28 17:32:14 +02:00
Robert Swiecki
2b6cfde887 configs/home-documents-with-xorg-no-net.cfg: increase rlimit_as 2017-05-28 17:30:51 +02:00
Robert Swiecki
7b2fc9cdac add configs/firefox-with-cloned-net.cfg 2017-05-28 16:56:16 +02:00
Robert Swiecki
857b9901f5 configs: smaller profile for xorg tools 2017-05-28 15:27:13 +02:00
Robert Swiecki
3443d19054 configs: set cwd to /usr 2017-05-28 15:15:48 +02:00
Robert Swiecki
0585f0819d configs/firefox: add /usr/bin/firefox bind mount 2017-05-28 03:30:27 +02:00
Robert Swiecki
df60b4a6cc configs/firefox description fix 2017-05-28 03:29:01 +02:00
Robert Swiecki
de573a7a90 add configs/imagemagick-convert.cfg 2017-05-28 03:22:11 +02:00
Robert Swiecki
5697492122 mount: canonicalize paths 2017-05-28 03:19:13 +02:00
Robert Swiecki
f0eb0b3dbf configs: tigher policy for firefox 2017-05-28 02:55:50 +02:00
Robert Swiecki
37c2875e2e configs: small tweaks 2017-05-28 01:30:26 +02:00
Robert Swiecki
a2bbe667b9 config: switch is_ro to rw 2017-05-28 01:24:55 +02:00
Robert Swiecki
486aa7893b configs: small tweaks for bash 2017-05-28 00:17:18 +02:00
Robert Swiecki
e68acd68eb Support envvars on mount path definitions 2017-05-28 00:15:53 +02:00
Robert Swiecki
e020c989de configs: sandboxed firefox + readme - improvements 2017-05-27 22:01:46 +02:00
Robert Swiecki
6256cb9578 configs: tweaks for geeqie 2017-05-27 21:54:01 +02:00
Robert Swiecki
06b92dfca4 configs: Xauthority is not required 2017-05-27 21:50:15 +02:00
Robert Swiecki
031ec03331 sandboxed firefox + readme 2017-05-27 21:43:56 +02:00
Robert Swiecki
26f0b8fe1b config: remove exec_bin as it should be specified with cmd-line 2017-05-27 20:48:49 +02:00
Robert Swiecki
e671167b9c new config + readme 2017-05-27 20:47:42 +02:00
Robert Swiecki
e342959e0c configs: better description for bash-with-fake-geteuid.cfg 2017-05-27 19:17:25 +02:00
Robert Swiecki
6ad0edbee5 configs: redirect to examples 2017-05-27 19:15:57 +02:00
Robert Swiecki
d312ea0e46 config: add name and description 2017-05-27 19:06:46 +02:00
Robert Swiecki
b712afa1fc config: add name and description 2017-05-27 19:05:42 +02:00
Robert Swiecki
a545cfbe70 configs: rename config1.example -> bash-with-fake-geteuid.cfg 2017-05-27 18:45:25 +02:00
Robert Swiecki
71588194f3 config: smaller fixes (logging/comments) 2017-05-27 16:47:12 +02:00
Robert Swiecki
ec50c1346d mount: nonmandatory mounts 2017-05-27 15:17:11 +02:00
Robert Swiecki
f0cb243a89 config: allow skipping arguments in mount points 2017-05-27 15:01:34 +02:00
Robert Swiecki
d7a805ec47 config: support for envvars 2017-05-27 04:06:28 +02:00
Robert Swiecki
30d7894bba Readme 2017-05-27 02:50:13 +02:00