-
We can run executable files that are only given read but not execute access by copying them into a `memfd` and then calling `fexecve` on the file descriptor. Should we restrict this?
-
We worked together a few years ago (cf. #1554) before the Landlock LSM was in mainline. A lot changed since then, and Landlock is now widely available and enabled by default in most distros. As report…
-
The kernel will eventually make it possible to handle all the threads of the current process (see landlock-lsm/linux#2), but it would be good to do the same with the currently available user space features.
…
l0kod updated 3 months ago
-
With the discussions about some of the limitations of (lib)seccomp (#2151, #2735 etc.), especially in the context of determining which error to return for syscalls that may or may not be around at run…
-
We've been inconsistently using EXPECT and ASSERT in Landlock's selftests, especially for teardown. (fs_test.c uses `ASSERT_EQ(0, close(fd))` whereas net_test.c uses `EXPECT_EQ(0, close(fd))` everywh…
-
Being able to restrict any kind of socket would definitely be useful for a sandbox.
We could add a new `handled_access_socket` field to the `landlock_ruleset` struct, which would contain `LANDLOCK_…
l0kod updated 1 month ago
-
/usr/sbin/sslh-ev -t 2 -f -n -u root --listen=x.x.x.x.:443 --http=localhost:80
Landlock: Failed to create a ruleset
http: lost incoming connection
uname
Linux ns 6.1.67-gentoo
I can’t un…
-
I don't think the current `rust-landlock` crate has a way to query for landlock support, however even after #12 this might still be desirable.
Some applications might want to give users the choice …
-
We already have a `test-linux-oldkernel` CI job for the purpose of testing the case where Landlock is not available in the kernel.
This can be extended to more kernel versions using UML: https://gi…
-
The motivation for the socket access-control feature is to restrict the addition of sockets in a sandboxed process. This can be useful to limit the range of allowed protocols or even to disable the addition …