mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-02-14 18:27:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
cosmopolitan/libc/sock
History
Justine Tunney 5a132f9652 Add seccomp bpf sandboxing to redbean 
It's now possible to pass the `-S` or `-SS` flags to sandbox redbean
worker proecsses after they've been forked. The first `-S` flag is
intended to be a permissive builtin policy that limits system calls to
only that which the various parts of redbean serving need. The second
`-SS` flag is intended to be more restrictive, preventing things like
the Lua extensions you download off the web from using the HTTP client
or sockets APIs. In upcoming changes you'll be able to implement your
own Berkeley Packet Filter sandbox programs and load them via Lua.
2022-04-18 08:54:42 -07:00
..
accept-nt.c Improve synchronization 2022-04-15 15:31:55 -07:00
accept-sysv.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
accept.c Make signal handling work well across platforms 2022-03-25 07:28:57 -07:00
accept4-sysv.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
accept4.c Make small fixes 2022-04-17 10:40:32 -07:00
alg.h Perform build and magnum tuning 2021-08-10 10:26:13 -07:00
asanmsghdr.c Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
basesocket.c Improve synchronization 2022-04-15 15:31:55 -07:00
bind-nt.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
bind.c Improve synchronization 2022-04-15 15:31:55 -07:00
closesocket-nt.c Improve synchronization 2022-04-15 15:31:55 -07:00
connect-nt.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
connect-sysv.c Implement syslog (#136) 2021-04-01 19:32:39 -07:00
connect.c Improve synchronization 2022-04-15 15:31:55 -07:00
dupsockfd.c Improve synchronization 2022-04-15 15:31:55 -07:00
epoll.c Improve synchronization 2022-04-15 15:31:55 -07:00
epoll.h Add epoll and do more release readiness changes 2020-11-28 12:01:51 -08:00
firewall.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
fixupnewsockfd.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
gethostips.c Add test for ioctl(SIOCGIFCONF) and polyfill on BSDs 2021-06-25 18:44:04 -07:00
getpeername-nt.c Make minor revisions to previous change 2021-06-30 10:45:27 -07:00
getpeername-sysv.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
getpeername.c Improve synchronization 2022-04-15 15:31:55 -07:00
getsockname-nt.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
getsockname-sysv.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
getsockname.c Improve synchronization 2022-04-15 15:31:55 -07:00
getsockopt-nt.c Add SSL to redbean 2021-06-24 13:20:50 -07:00
getsockopt.c Improve synchronization 2022-04-15 15:31:55 -07:00
goodsocket.c Refactor out some duplicated code 2021-08-14 06:17:56 -07:00
goodsocket.internal.h Refactor out some duplicated code 2021-08-14 06:17:56 -07:00
inet_addr.c Add IP address conversion helpers 2021-02-20 22:53:22 -08:00
inet_aton.c Add IP address conversion helpers 2021-02-20 22:53:22 -08:00
inet_ntoa.c Add IP address conversion helpers 2021-02-20 22:53:22 -08:00
inet_ntop.c Introduce --strace flag for system call tracing 2022-03-18 18:07:28 -07:00
inet_pton.c Add /statusz page to redbean plus other enhancements 2021-04-23 18:53:57 -07:00
internal.h Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
iovec2nt.c Remove more nonstandard stuff from cosmopolitan.h 2021-03-01 00:18:23 -08:00
ipclassify.internal.h Get Cosmopolitan into releasable state 2020-11-25 08:19:00 -08:00
ispublicip.c Improve ZIP filesystem and change its prefix 2021-08-22 01:11:53 -07:00
kntwsadata.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
listen-nt.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
listen.c Improve synchronization 2022-04-15 15:31:55 -07:00
ntstdin.greg.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
ntstdin.internal.h Improve synchronization 2022-04-15 15:31:55 -07:00
parseport.c Add protoent and netent (#209) 2021-07-10 12:36:35 -07:00
recv-nt.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
recv.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
recvfrom-nt.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
recvfrom.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
recvmsg.c Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
select-nt.c Improve synchronization 2022-04-15 15:31:55 -07:00
select.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
select.h Make numerous improvements 2021-09-28 01:52:34 -07:00
send-nt.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
send.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
sendfile.c Make numerous improvements 2021-09-28 01:52:34 -07:00
sendmsg.c Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
sendto-nt.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
sendto.c Fix bugs and add security features to redbean 2022-04-18 00:01:26 -07:00
setsockopt-nt.c Add /statusz page to redbean plus other enhancements 2021-04-23 18:53:57 -07:00
setsockopt.c Improve synchronization 2022-04-15 15:31:55 -07:00
shutdown-nt.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
shutdown.c Improve synchronization 2022-04-15 15:31:55 -07:00
sock.h Introduce --strace flag for system call tracing 2022-03-18 18:07:28 -07:00
sock.mk Improve synchronization 2022-04-15 15:31:55 -07:00
sockdebug.c Fix more things 2022-03-24 00:12:29 -07:00
sockdebug.h Introduce --strace flag for system call tracing 2022-03-18 18:07:28 -07:00
socket-nt.c Improve synchronization 2022-04-15 15:31:55 -07:00
socket-sysv.c Have redbean show zip listing as default / handler 2021-03-29 01:22:49 -07:00
socket.c Improve synchronization 2022-04-15 15:31:55 -07:00
socketpair-nt.c Improve synchronization 2022-04-15 15:31:55 -07:00
socketpair-sysv.c Perform fine-tuning of socketpair and pipe 2021-03-16 22:44:54 -07:00
socketpair.c Implement raw system call for redbean lua code 2022-04-13 08:53:24 -07:00
stdinworker.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
syslog.c Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
syslog.h Add seccomp bpf sandboxing to redbean 2022-04-18 08:54:42 -07:00
winsockblock.c Improve synchronization 2022-04-15 15:31:55 -07:00
wsablock.c Fix bugs with recent change 2022-04-16 10:40:23 -07:00
xinet_ntop.c Remove dollars from system call support symbols 2021-02-03 19:35:29 -08:00
yoink.inc Improve synchronization 2022-04-15 15:31:55 -07:00