Commit History

Author SHA1 Message Date
  Nick Mathewson a6688f9cbb sandbox: allow enough setsockopt to make ConstrainedSockets work 10 years ago
  Nick Mathewson a056ffabbb sandbox: permit listen(2) 10 years ago
  Nick Mathewson f0945ac270 Log the errno value if seccomp_load() fails. 10 years ago
  Nick Mathewson b0c1c70011 Make sandbox.c compile on arm 10 years ago
  Nick Mathewson e425fc7804 sandbox: revamp sandbox_getaddrinfo cacheing 10 years ago
  Nick Mathewson fef65fa643 sandbox: permit gettid, sched_getaffinity 10 years ago
  Nick Mathewson 465982012c sandbox: Disallow options which would make us call exec() 10 years ago
  Nick Mathewson 9735ca6e30 resolve a typo: sanboxing->sandboxing. 10 years ago
  Nick Mathewson b8fe8ee748 Improved message when running sandbox on Linux without libseccomp 10 years ago
  Nick Mathewson 9c3f7a6d35 Remove spurious libevent include in sandbox.c 10 years ago
  Nick Mathewson f41491816c Log the name of the failing syscall on failure 10 years ago
  Nick Mathewson f70cf9982a Sandbox: permit O_NONBLOCK and O_NOCTTY for files we refuse 10 years ago
  Nick Mathewson 6194970765 Don't allow change to ConnLimit while sandbox is active 10 years ago
  Nick Mathewson 69eb278830 Use SCMP_CMP_MASKED_EQ to allow flags, not force them 10 years ago
  Nick Mathewson e6785ee16d Get Libevent's PRNG functioning under the linux sandbox 10 years ago
  Nick Mathewson 8dc6755f6d Introduce arg-counting macros to wrap seccomp_rule_add() 10 years ago
  Nick Mathewson 12028c29e6 Fix sandbox protection for rename 10 years ago
  Nick Mathewson 739a52592b Upgrade warning about missing interned string for sandbox 10 years ago
  Nick Mathewson 5aaac938a9 Have sandbox string protection include multi-valued parmeters. 10 years ago
  Nick Mathewson f268101a61 Clean up sandbox structures a bit 10 years ago
  Nick Mathewson 6807b76a5e Add missing rename function for non-linux platforms 10 years ago
  Nick Mathewson 71eaebd971 Drop 'fr' parameter from sandbox code. 10 years ago
  Nick Mathewson cbfb8e703e Add 'rename' to the sandboxed syscalls 10 years ago
  Nick Mathewson 3802e32c7d Only intern one copy of each magic string for the sandbox 10 years ago
  Nick Mathewson ae9d6d73f5 Fix some initial sandbox issues. 10 years ago
  Nick Mathewson cc9e86db61 Log a backtrace when the sandbox finds a failure 10 years ago
  Nick Mathewson 196895ed7e Make the sandbox code allow the writev() syscall. 10 years ago
  Nick Mathewson 119896cd43 Fix some leaks/missed checks in the unit tests 10 years ago
  Nick Mathewson 25f0eb4512 Add a sandbox rule to allow IP_TRANSPARENT 10 years ago
  Nick Mathewson 9be105f94b whitespace fixes 10 years ago