issues
search
landlock-lsm
/
go-landlock
A Go library for the Linux Landlock sandboxing feature
MIT License
99
stars
7
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Support LANDLOCK_ACCESS_FS_IOCTL_DEV access right
#29
gnoack
opened
1 month ago
0
Configure a linter
#28
gnoack
closed
5 months ago
0
Minimal landlock not working with ffmpeg/ffprobe
#27
ikmckenz
closed
7 months ago
6
BUG(go-landlock) visible when adding non-file access rights on files
#26
gnoack
closed
3 days ago
1
Make it possible to create composable libraries of Landlock rules
#25
gnoack
opened
1 year ago
3
Auto-generated documentation
#24
l0kod
closed
1 year ago
1
Add a Github workflow for executing the tests in Qemu on actual kernels.
#23
gnoack
opened
2 years ago
7
Add Landlock V2 support.
#22
gnoack
closed
1 year ago
2
Add Landlock V2 support.
#21
gnoack
closed
2 years ago
1
Prepare for Landlock V2
#20
gnoack
closed
1 year ago
2
Use constants from golang.org/x/sys/unix
#19
tklauser
closed
2 years ago
1
Ensure that PathAccess(...).accessFS ⊆ cfg.handledAccessFS
#18
gnoack
closed
2 years ago
3
landlock/syscall: use syscall.AllThreadsSyscall{,6} directly
#17
tklauser
closed
2 years ago
3
Improve documentation
#16
gnoack
opened
2 years ago
2
Make it hard to construct invalid AccessFSSets
#15
gnoack
closed
2 years ago
1
Converting allowedAccess strings into AccessFSSet uint64
#14
BoardzMaster
opened
2 years ago
4
Deal with the case where the kernel supports a higher Landlock version than known to go-landlock
#13
gnoack
closed
2 years ago
5
Make the handledAccessFS set configurable.
#12
gnoack
closed
2 years ago
3
pathOpt struct external usage
#11
BoardzMaster
closed
2 years ago
6
Move golandlock under landlock-lsm
#10
gnoack
closed
2 years ago
10
Presence of CGO breaks the prctl call
#9
gnoack
closed
2 years ago
7
Use this with more real-world scenarios
#8
gnoack
closed
2 years ago
1
Fallback mechanism for non-existent files
#7
gnoack
closed
1 year ago
6
Do some exhaustive testing
#6
gnoack
closed
2 years ago
1
RestrictPaths needs to apply to all OS threads and Goroutines at once
#5
gnoack
closed
2 years ago
1
Make Restrict() future-proof
#4
gnoack
closed
2 years ago
7
rwDirs and rwFiles enforces the file hierarchies to be write-only, not read-write
#3
gnoack
closed
3 years ago
1
Change parameter names for readability
#2
yaronf
closed
3 years ago
0
Missing license
#1
l0kod
closed
3 years ago
2