tequilaOS/platform_external_selinux

5370 commits 1 branch 0 tags 17 MiB

Author	SHA1	Message	Date
Petr Lautrbach	ecfcb1d6a8	sandbox: Use temporary directory for XDG_RUNTIME_DIR XDG_RUNTIME_DIR (/run/user/$UID) is used for user-specific data files such as sockets, named pipes and so on. Therefore, it should not be available to sandboxed processes. Usage: # ls -a $XDG_RUNTIME_DIR . .. bus pipewire-0 systemd # sandbox -R /root/sandbox/user -- sh -c "ls -a $XDG_RUNTIME_DIR" . .. Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Acked-by: James Carter <jwcart2@gmail.com>	2022-11-09 07:49:34 -05:00
Yuri Chornoivan	f032946cf9	Fix minor typos Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>	2018-06-30 20:28:25 +02:00
Stephen Smalley	97bf196c89	Move policycoreutils/sandbox to sandbox. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>	2016-11-16 11:19:50 -05:00

Author

SHA1

Message

Date

Petr Lautrbach

ecfcb1d6a8

sandbox: Use temporary directory for XDG_RUNTIME_DIR

XDG_RUNTIME_DIR (/run/user/$UID) is used for user-specific data files
such as sockets, named pipes and so on. Therefore, it should not be
available to sandboxed processes.

Usage:
    # ls -a $XDG_RUNTIME_DIR
    .  ..  bus  pipewire-0  systemd
    # sandbox -R /root/sandbox/user -- sh -c "ls -a $XDG_RUNTIME_DIR"
    .  ..

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Acked-by: James Carter <jwcart2@gmail.com>

2022-11-09 07:49:34 -05:00

Yuri Chornoivan

f032946cf9

Fix minor typos

Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>

2018-06-30 20:28:25 +02:00

Stephen Smalley

97bf196c89

Move policycoreutils/sandbox to sandbox.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

2016-11-16 11:19:50 -05:00

Renamed from policycoreutils/sandbox/seunshare.8 (Browse further)

3 commits