mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-02-24 14:59:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
2006 commits 9 branches 118 tags 319 MiB
Commit graph

5 commits

Author SHA1 Message Date
Justine Tunney
7b284f6bda
Fix bugs and regressions in the pledge command 
This change gets the pledge (formerly pledge.com) command back in tip
top shape for a 3.0.1 cosmos release. It now runs on all platforms, even
though it's mostly a no-op on ones that lack the kernel security stuff.
The binary footprint is now smaller, since it no longer needs to link
malloc. It's also now able to be built as a fat binary.
 2023-11-01 06:08:58 -07:00
Justine Tunney
be29b709b7
Fix pledge.com interop with Go DNS 
Based on a pure analysis of the Go source code, it wants:

- SOL_SOCKET + SO_BROADCAST
- IPPROTO_IPV6 + IPV6_V6ONLY

Fixes #627
 2022-09-18 03:56:52 -07:00
Justine Tunney
b69f3d2488
Optimize memory layout 2022-09-12 04:26:52 -07:00
Justine Tunney
0277d7d6e9 Rewrite Linux pledge() code so it can be a payload 
It's now possible to build our pledge() polyfill as a dynamic shared
object that can be injected into a glibc executable using LD_PRELOAD
 2022-08-08 11:41:08 -07:00
Justine Tunney
f968e2a726 Improve pledge() and unveil() further 
- Fix getpriority()
- Add AT_MINSIGSTKSZ
- Fix bugs in BPF code
- Show more stuff in printargs.com
- Write manual test for pledge.com
- pledge() now generates tinier BPF code
- Have pledge("exec") only enable execve()
- Fix pledge.com chroot setuid functionality
- Improve pledge.com unveiling of ape loader
 2022-07-24 03:10:16 -07:00