196 Commits (master)
 

Author SHA1 Message Date
xSmurf 6f0a1ea94b Moved creation of /tmp in setup before chroot for whitelist support
10 years ago
xSmurf a7e891f4fc Tentative: Adding seccomp default blacklist to xpra/xorg server and client
10 years ago
xSmurf f9214ee18f Fix always set dbus machine-id in case program launches it
10 years ago
xSmurf 1f4400d3ff Cleanup of profiles to comply with latest wrapper changes
10 years ago
xSmurf 2f7e27f121 Cleanup passing profile to seccomp wrapper and generic blacklist
10 years ago
xSmurf 4ff81d924f Tentative: dbus daemon setup for profiles that need it
10 years ago
xSmurf 9dbfaec596 Creation of /var/run/user/<uid> inside of rootfs setup
10 years ago
xSmurf f86611af82 Pass full environment to Xpra client
10 years ago
xSmurf 58a045784d Fixed environ passing in seccomp wrapper
10 years ago
dma 634df96977 Added default seccomp blacklist policies for each profile.
10 years ago
dma 1b05e93908 Merge remote-tracking branch 'origin/master'
10 years ago
dma aa9a2966bc Blacklist support in oz-init.
10 years ago
dma 68bceab76b Blacklist support for the seccomp wrapper.
10 years ago
dma 565bb05707 Added blacklist to profile, set to default blacklist for testing.
10 years ago
dma 2d52e292b2 Experimental seccomp blacklist profiles.
10 years ago
xSmurf feb35544c8 Added permission checking of profiles, added border option for xpra, pulseaudio option removed (automatically detected from audio mode)
10 years ago
xSmurf 21016ca49a Moved root permissions check out of config for reuse in profiles
10 years ago
xSmurf 50556b1bf7 Small fixes
10 years ago
xSmurf 3f466e9d8e Changed passing of init data through stdin, added support for user groups to be set properly, cleanup torbrowser profile
10 years ago
xSmurf c4a773822b Godeps save
10 years ago
xSmurf fd929aba6b fmt
10 years ago
xSmurf 66725621e8 Typo
10 years ago
xSmurf 578b78402d Make sure our parent is always pid 1
10 years ago
xSmurf 0ce0904c9c Cleanup env var in mount
10 years ago
xSmurf 6df101331f Cleanup
10 years ago
xSmurf 046bc48d51 Rename
10 years ago
dma 2356480035 Remove some debug output.
10 years ago
dma fe617bdc44 Updated evince seccomp whitelist policy for testing.
10 years ago
David Mirza Ahmad 8f6e13a009 Oops.
10 years ago
dma ee4349cb61 Merge remote-tracking branch 'origin/master'
10 years ago
dma 122e2fd171 Testing: updated profile for evince with example seccomp whitelist policy.
10 years ago
dma a44a8ae679 Add seccomp configuration params to the Oz profile specification/parser
10 years ago
dma 7fca7e3cfc Comment broke build, temporarily removing this
10 years ago
dma 94da04bbc8 Add seccomp wrapper to oz-init
10 years ago
dma 3b0d225c62 Seccomp filter exec wrapper for testing purposes
10 years ago
xSmurf 2a10500049 Fixed passing of usefulldev
10 years ago
xSmurf 380757451c Cleanup
10 years ago
xSmurf 2ef6fcc8be Fixed adding of pwd ot binded argument files
10 years ago
xSmurf 05ce673b01 removed unused dependencies
10 years ago
xSmurf 7c50fdf30b grsec `chroot_deny_mknod` no longer required since last fs overhaul, edited readme to reflect so.
10 years ago
xSmurf 69e1da1a64 Formatting
10 years ago
xSmurf fd6ec994d5 Typo
10 years ago
xSmurf 18e1b5d886 Added mentions regarding the GNOME Shell extension
10 years ago
xSmurf 89579c5673 Typo
10 years ago
xSmurf b35a9cc8a6 Cleanup
10 years ago
xSmurf ac66ebb47f Added /var/crashes to list of empty directories
10 years ago
xSmurf 755d70b1b3 Cleanup u/mount files
10 years ago
xSmurf 11586f1e31 Path clean
10 years ago
xSmurf 820a31d253 Added get config message
10 years ago
xSmurf 9f81491fc6 Fixed passing of home dir to un/mount utilities
10 years ago