Re: [PATCH net-next v6 08/11] bpf: Add a Landlock sandbox example

2017-04-18 Thread Mickaël Salaün
On 19/04/2017 01:06, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> Add a basic sandbox tool to create a process isolated from some part of
>> the system. This sandbox creates a read-only environment. It is only
>> allowed to write to a character device such as a

Re: [PATCH net-next v6 08/11] bpf: Add a Landlock sandbox example

2017-04-18 Thread Kees Cook
On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
> Add a basic sandbox tool to create a process isolated from some part of
> the system. This sandbox creates a read-only environment. It is only
> allowed to write to a character device such as a TTY:
>
> # :> X
> # echo $?
> 0
> #

[PATCH net-next v6 08/11] bpf: Add a Landlock sandbox example

2017-03-28 Thread Mickaël Salaün
Add a basic sandbox tool to create a process isolated from some part of
the system. This sandbox creates a read-only environment. It is only
allowed to write to a character device such as a TTY:

  # :> X
  # echo $?
  0
  # ./samples/bpf/landlock1 /bin/sh -i
  Launching a new sandboxed process.
