-
Hi,
Good to see such study! I'm the maintainer of Landlock so I'll mainly comment on that part.
It would be nice to go a bit further the facts and explain their reasons. For instance, about comp…
-
`dtprobed` already uses seccomp, but there's a new Linux sandboxing LSM in town which solves a bunch of problems seccomp has wrt abstraction and targeting the wrong layer.
We should be able to use …
-
We recently merged some landlock related tests https://github.com/linux-test-project/ltp/tree/master/testcases/kernel/syscalls/landlock/, there is already partly merged v4 landlock testing: https://pa…
pevik updated
2 months ago
-
![image](https://github.com/user-attachments/assets/a1139bef-1c01-477f-939f-4a6e9de5867f)
error: restricting filesystem access failed because landlock is not supported by the kernel!
-
### Issue Description
I just started using Vanilla OS, but cannot get my music library to show up in GNOME Music.
Investigating this, I found out that the tracker3 extractor used to gather the aud…
-
I hope everyone with eye on landlock functionality could plant this feature as fast as possible inside firejail.
https://www.phoronix.com/news/Landlock-Networking-Linux-6.7
Thanks and
…
-
- [ ] Code
- [ ] https://github.com/netblue30/firejail/pull/5315#pullrequestreview-1073973090
- [ ] https://github.com/netblue30/firejail/pull/5315#pullrequestreview-1074357756
- [ ] https://…
-
[SCTP](https://man7.org/linux/man-pages/man7/sctp.7.html) is connection-oriented protocol that can be used to establish one-to-many and one-to-one communication between endpoints.
One-to-one style …
-
As talked about in [today's meeting](https://docs.google.com/document/d/1JY8FREBPCUUFpuv7-4B9EjeS2MLDpel0dbG5DFWrTns/edit), it would be good to have guidelines to help developers sandbox their applica…
-
We worked together a few years ago (cf. #1554) before the Landlock LSM was in mainline. A lot changed since then, and Landlock is now widely available and enabled by default in most distros. As report…