search

SubconsciousCompute / seccomp-pledge

seccomp-BPF filtering and pledge/unveil sandboxing for Linux
GNU Affero General Public License v3.0
4 stars 3 forks source link

resolves #1 #3

Closed DeviousCilantro closed 1 year ago

DeviousCilantro commented 1 year ago

completed all tasks mentioned in #1 with some additional refactoring

DeviousCilantro commented 1 year ago

Certainly. I was actually planning to update README.md with details of all the changes implemented after figuring out how to incorporate Unix socket API support as @dilawar had suggested, which I would also demonstrate in the README. But sure, I will add some examples for now.

DeviousCilantro commented 1 year ago

@sn99 I have updated README.md with more examples/demos, added a quick overview of the available flags and added pledge as a local binary with the option to fetch from upstream too. Feel free to review and merge the commits if deemed appropriate.

DeviousCilantro commented 1 year ago

I have also implemented Unix socket API support and provided some details about it in the README. Will add an example/demo for it soon.

DeviousCilantro commented 1 year ago

@dilawar @sn99 Added examples/demos for the three modes (interactive, non-interactive, API) of interacting with seccomp-pledge and updated the README. Tested the Unix IPC socket and it works fine. Let me know if there is anything else left to be done.

sn99 commented 1 year ago

@dilawar I don't have merge access, I think we can merge it for now and see where we go from there