Nick Mathewson
|
72ba1739e2
Fix another memory leak case in sandbox.c:prot_strings()
|
10 anni fa |
Nick Mathewson
|
15be51b41d
Remove the non-implemented versions of the sandbox _array() functions
|
10 anni fa |
Nick Mathewson
|
991545acf1
Whitespace fixes
|
10 anni fa |
Nick Mathewson
|
523587a5cf
fix memory leak on failure in sandbox.c:prot_strings()
|
10 anni fa |
Nick Mathewson
|
35b2e11755
Store sandbox params as char *, since that's what they are.
|
10 anni fa |
Nick Mathewson
|
7f3563058d
Fix a 32-big conversion warning in 11970 fix
|
10 anni fa |
Nick Mathewson
|
6f20dd7bfc
Merge remote-tracking branch 'public/bug11970'
|
10 anni fa |
Nick Mathewson
|
b883b8d1a5
Yield a real error in the bug case of sandbox_getaddrinfo()
|
10 anni fa |
Nick Mathewson
|
307aa7eb43
Spell getrlimit correctly.
|
10 anni fa |
Nick Mathewson
|
a6688f9cbb
sandbox: allow enough setsockopt to make ConstrainedSockets work
|
10 anni fa |
Nick Mathewson
|
a056ffabbb
sandbox: permit listen(2)
|
10 anni fa |
Nick Mathewson
|
f0945ac270
Log the errno value if seccomp_load() fails.
|
10 anni fa |
Nick Mathewson
|
b0c1c70011
Make sandbox.c compile on arm
|
10 anni fa |
Nick Mathewson
|
e425fc7804
sandbox: revamp sandbox_getaddrinfo cacheing
|
10 anni fa |
Nick Mathewson
|
fef65fa643
sandbox: permit gettid, sched_getaffinity
|
10 anni fa |
Nick Mathewson
|
465982012c
sandbox: Disallow options which would make us call exec()
|
10 anni fa |
Nick Mathewson
|
9735ca6e30
resolve a typo: sanboxing->sandboxing.
|
10 anni fa |
Nick Mathewson
|
b8fe8ee748
Improved message when running sandbox on Linux without libseccomp
|
10 anni fa |
Nick Mathewson
|
9c3f7a6d35
Remove spurious libevent include in sandbox.c
|
10 anni fa |
Nick Mathewson
|
f41491816c
Log the name of the failing syscall on failure
|
10 anni fa |
Nick Mathewson
|
f70cf9982a
Sandbox: permit O_NONBLOCK and O_NOCTTY for files we refuse
|
10 anni fa |
Nick Mathewson
|
6194970765
Don't allow change to ConnLimit while sandbox is active
|
10 anni fa |
Nick Mathewson
|
69eb278830
Use SCMP_CMP_MASKED_EQ to allow flags, not force them
|
10 anni fa |
Nick Mathewson
|
e6785ee16d
Get Libevent's PRNG functioning under the linux sandbox
|
10 anni fa |
Nick Mathewson
|
8dc6755f6d
Introduce arg-counting macros to wrap seccomp_rule_add()
|
10 anni fa |
Nick Mathewson
|
12028c29e6
Fix sandbox protection for rename
|
10 anni fa |
Nick Mathewson
|
739a52592b
Upgrade warning about missing interned string for sandbox
|
10 anni fa |
Nick Mathewson
|
5aaac938a9
Have sandbox string protection include multi-valued parmeters.
|
10 anni fa |
Nick Mathewson
|
f268101a61
Clean up sandbox structures a bit
|
10 anni fa |
Nick Mathewson
|
6807b76a5e
Add missing rename function for non-linux platforms
|
10 anni fa |