Justine Tunney 133c693650 Work around Landlock output inode in compile.com ... This change fixes Landlock Make so that only the output target file is unveiled, rather than unveiling the directory that contains it. This gives us a much stronger sandbox. It also helped identify problematic build code in our repo that should have been using o/tmp instead. Landlock isn't able to let us unveil files that don't exist. Even if they do, then once a file is deleted, the sandboxing for it goes away. This caused problems for Landlock Make because tools like GNU LD will repeatedly delete and recreate the output file. This change uses the compile.com wrapper to ensure on changes happen to the output inode. New binary available on https://justine.lol/make/ Fixes #528		2022-08-09 07:55:44 -07:00
..
bootstrap	Work around Landlock output inode in compile.com	2022-08-09 07:55:44 -07:00
config.mk	Flatten InfoZIP directory and fix build issues	2022-04-20 22:40:33 -07:00
definitions.mk	Work around Landlock output inode in compile.com	2022-08-09 07:55:44 -07:00
functions.mk	Initial import	2020-06-15 07:18:57 -07:00
gdb	Fix redbean zip central directory lookup	2021-02-27 12:08:28 -08:00
htags	Make some systemic improvements	2022-05-18 16:52:36 -07:00
online.mk	Improve build system	2021-02-19 23:03:34 -08:00
realify.sed	Add minor improvements and cleanup	2020-10-27 03:39:46 -07:00
realify.sh	Make more improvements	2020-09-28 01:20:34 -07:00
rules.mk	Work around Landlock output inode in compile.com	2022-08-09 07:55:44 -07:00
sanitycheck	Fix some regressions with execution	2022-08-07 22:10:18 -07:00