mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 19:43:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cosmopolitan/test/libc/calls
History
Justine Tunney 5a132f9652 Add seccomp bpf sandboxing to redbean 
It's now possible to pass the `-S` or `-SS` flags to sandbox redbean
worker proecsses after they've been forked. The first `-S` flag is
intended to be a permissive builtin policy that limits system calls to
only that which the various parts of redbean serving need. The second
`-SS` flag is intended to be more restrictive, preventing things like
the Lua extensions you download off the web from using the HTTP client
or sockets APIs. In upcoming changes you'll be able to implement your
own Berkeley Packet Filter sandbox programs and load them via Lua.
2022-04-18 08:54:42 -07:00
..
access_test.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
chdir_test.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
commandv_test.c Improve memory safety 2021-10-13 17:27:13 -07:00
dup_test.c Improve system call support 2021-08-25 21:36:17 -07:00
fcntl_test.c Improve synchronization 2022-04-15 15:31:55 -07:00
fileexists_test.c Improve system call support 2021-08-25 21:36:17 -07:00
fork_test.c Remove more nonstandard stuff from cosmopolitan.h 2021-03-01 00:18:23 -08:00
ftruncate_test.c Remove garbage collector macro from header (#114) 2021-03-07 20:23:29 -08:00
getcwd_test.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
getitimer_test.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
ioctl_siocgifconf_test.c Add test for ioctl(SIOCGIFCONF) and polyfill on BSDs 2021-06-25 18:44:04 -07:00
lseek_test.c Eliminate some flakes 2021-02-03 06:25:27 -08:00
mkdir_test.c Improve system call support on NT 2022-04-07 20:30:04 -07:00
mkntcmdline_test.c Get Redbean fork() working on the New Technology 2022-03-20 08:01:14 -07:00
mkntenvblock_test.c Add MODE=optlinux build mode (#141) 2021-10-14 19:36:49 -07:00
mkntpath_test.c Remove garbage collector macro from header (#114) 2021-03-07 20:23:29 -08:00
open_test.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
pread_test.c Fix more things 2022-03-24 00:12:29 -07:00
printargs_test.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
read_test.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
readansi_test.c Improve memory safety 2021-10-13 17:27:13 -07:00
readlinkat_test.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
renameat_test.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
seccomp_test.c Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
setitimer_test.c Make signal handling work well across platforms 2022-03-25 07:28:57 -07:00
setrlimit_test.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
sigaction_test.c Improve signals and memory protection 2022-04-12 22:11:00 -07:00
signal_test.c Improve locks and signals 2022-04-12 05:20:17 -07:00
sigprocmask_test.c Improve locks and signals 2022-04-12 05:20:17 -07:00
sigsuspend_test.c Improve locks and signals 2022-04-12 05:20:17 -07:00
stat_test.c Add MODE=optlinux build mode (#141) 2021-10-14 19:36:49 -07:00
symlinkat_test.c Improve system call support on NT 2022-04-07 20:30:04 -07:00
test.mk Add MODE=optlinux build mode (#141) 2021-10-14 19:36:49 -07:00
unlinkat_test.c Fix more things 2022-03-24 00:12:29 -07:00
vfork_test.c Delete LIBC_CALLS_HEFTY 2021-02-02 22:17:53 -08:00
write_test.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
writev_test.c Improve memory safety 2021-10-13 17:27:13 -07:00