Closed gnoack closed 2 weeks ago
Example:
package main
import (
"fmt"
"github.com/landlock-lsm/go-landlock/landlock"
)
func main() {
err := landlock.V3.BestEffort().RestrictPaths(
landlock.PathAccess(0b1111111111111, "/dev/null"),
)
if err != nil {
fmt.Println(err)
}
}
Returns:
populating ruleset for "/dev/null" with access {execute,write_file,read_file,read_dir,remove_dir,remove_file,make_char,make_dir,make_reg,make_sock,make_fifo,make_block,make_sym}: landlock_add_rule: BUG(go-landlock): This should not have happened: invalid flags, or inconsistent access in the rule: invalid argument
When using non-file access rights on files (rather than directories), it is possible to get go-landlock to return a
BUG(go-landlock)
error.This is unintended and should be fixed.
Reported by https://www.reddit.com/user/ikmckenz/ on https://www.reddit.com/r/linuxquestions/comments/17qg6fj/give_landlock_access_to_devnull_properly/