summaryrefslogtreecommitdiff
path: root/src
Commit message (Expand)AuthorAgeFilesLines
* core: Update comment for private/slave mode of / mountColin Walters2015-09-061-4/+5
* core: Update comments around PR_SET_NO_NEW_PRIVS and nosuid mountColin Walters2015-09-061-10/+7
* Add --mount-devapi optionmore-restriction-optionsColin Walters2015-09-054-1/+175
* docs: Update to note we do containers, but are mainly for build systemsColin Walters2015-09-011-6/+8
* Drop -newnet variantColin Walters2015-09-011-128/+0
* seccomp: Add ptrace to blacklistColin Walters2015-08-291-2/+5
* Add seccomp and rules imported from xdg-app/Sandstorm.ioColin Walters2015-08-283-0/+279
* Import S390/CRIS raw_clone syscall ordering fixColin Walters2015-08-251-1/+13
* Drop use of SECBIT_NOROOT, hard require PR_SET_NO_NEW_PRIVSColin Walters2015-08-251-14/+7
* Bump up bind mount limit to 1024baserock/larswirzenius/update-to-masterColin Walters2013-09-241-1/+11
* [SECURITY] Use fsuid to lookup bind mount paths and chroot targetColin Walters2013-02-241-3/+28
* [SECURITY] Invoke chdir() after we've switched uid, not beforeColin Walters2013-02-241-3/+3
* Only MS_MOVE the root to / if the root isn't already /Colin Walters2013-01-101-4/+8
* Use MS_MOVE of / rather than chroot()Colin Walters2012-12-301-3/+12
* Exit immediately if clone() failsColin Walters2012-08-101-1/+1
* Make use of PR_SET_NO_NEW_PRIVS if availableColin Walters2012-08-101-10/+20
* Add --help and --version argumentsColin Walters2012-04-241-1/+13
* newnet: Improve docs some moreColin Walters2012-03-131-1/+1
* newnet: Use correct argv for childColin Walters2012-03-131-1/+1
* linux-user-chroot-newnet: New optional helper programColin Walters2012-03-131-0/+128
* build: Allow being built if linux/securebits.h isn't availableColin Walters2012-02-201-1/+6
* Allow being run as rootColin Walters2012-01-221-2/+0
* Search $PATH when executingColin Walters2012-01-181-1/+1
* Add a --chdir argumentColin Walters2012-01-181-2/+11
* Split this binary out from ostreeColin Walters2012-01-061-0/+346
View Lorry Controller Status