index
:
delta/linux-user-chroot.git
baserock/bootstrap
baserock/larswirzenius/update-to-master
baserock/morph
baserock/sam/improvements-for-sandboxlib
master
more-restriction-options
walters-seccomp-profile-v1
gitlab.gnome.org: GNOME/linux-user-chroot.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
Commit message (
Expand
)
Author
Age
Files
Lines
*
core: Update comment for private/slave mode of / mount
Colin Walters
2015-09-06
1
-4
/
+5
*
core: Update comments around PR_SET_NO_NEW_PRIVS and nosuid mount
Colin Walters
2015-09-06
1
-10
/
+7
*
Add --mount-devapi option
more-restriction-options
Colin Walters
2015-09-05
4
-1
/
+175
*
docs: Update to note we do containers, but are mainly for build systems
Colin Walters
2015-09-01
1
-6
/
+8
*
Drop -newnet variant
Colin Walters
2015-09-01
1
-128
/
+0
*
seccomp: Add ptrace to blacklist
Colin Walters
2015-08-29
1
-2
/
+5
*
Add seccomp and rules imported from xdg-app/Sandstorm.io
Colin Walters
2015-08-28
3
-0
/
+279
*
Import S390/CRIS raw_clone syscall ordering fix
Colin Walters
2015-08-25
1
-1
/
+13
*
Drop use of SECBIT_NOROOT, hard require PR_SET_NO_NEW_PRIVS
Colin Walters
2015-08-25
1
-14
/
+7
*
Bump up bind mount limit to 1024
baserock/larswirzenius/update-to-master
Colin Walters
2013-09-24
1
-1
/
+11
*
[SECURITY] Use fsuid to lookup bind mount paths and chroot target
Colin Walters
2013-02-24
1
-3
/
+28
*
[SECURITY] Invoke chdir() after we've switched uid, not before
Colin Walters
2013-02-24
1
-3
/
+3
*
Only MS_MOVE the root to / if the root isn't already /
Colin Walters
2013-01-10
1
-4
/
+8
*
Use MS_MOVE of / rather than chroot()
Colin Walters
2012-12-30
1
-3
/
+12
*
Exit immediately if clone() fails
Colin Walters
2012-08-10
1
-1
/
+1
*
Make use of PR_SET_NO_NEW_PRIVS if available
Colin Walters
2012-08-10
1
-10
/
+20
*
Add --help and --version arguments
Colin Walters
2012-04-24
1
-1
/
+13
*
newnet: Improve docs some more
Colin Walters
2012-03-13
1
-1
/
+1
*
newnet: Use correct argv for child
Colin Walters
2012-03-13
1
-1
/
+1
*
linux-user-chroot-newnet: New optional helper program
Colin Walters
2012-03-13
1
-0
/
+128
*
build: Allow being built if linux/securebits.h isn't available
Colin Walters
2012-02-20
1
-1
/
+6
*
Allow being run as root
Colin Walters
2012-01-22
1
-2
/
+0
*
Search $PATH when executing
Colin Walters
2012-01-18
1
-1
/
+1
*
Add a --chdir argument
Colin Walters
2012-01-18
1
-2
/
+11
*
Split this binary out from ostree
Colin Walters
2012-01-06
1
-0
/
+346