extrasafe
Make your code extra-safe by voluntarily dropping privileges
While reading the blog post at https://harrystern.net/extrasafe-user-namespaces.html I thought to myself: that doesn't sound like it would work, because it would mess up how binaries find their shared libraries when...
This adds full arm64 support. I implemented this as a feature flag, so you can easily test if it compiles by just passing `--all-features` to cargo. ARM64 is missing a...
I saw https://www.ubicloud.com/docs/github-actions-integration/quickstart [on HN today](https://news.ycombinator.com/item?id=39191870) and it seems like it would be pretty easy to set up for extrasafe so we could consider supporting aarch64 without having to set...
Since 99% of the time you're just going to call unwrap or expect on the result of `enable`/`apply` calls, for the next release I'd like to rename `enable` to `try_enable`,...
Really excited to see this crate, and very impressed by your work so far. Reading over the code, I see a few places where the `ExtraSafeError` could be tweaked to...
Either make a builder that lets you do `add _env` (although currently the builder would only do that so it's not really worth having, which is why I didn't do...
This PR combines #45, #46, #47, #48, #49, #50 and #51 to see and test the full picture. It might be easier to merge this PR after reviewing the other...
Extend the capabilities of the builtin `Time` using the `allow!`-macro introduced by https://github.com/boustrophedon/extrasafe/pull/47.
Querying and modifying user-ID related properties. This uses the `allow!`-macro introduced by https://github.com/boustrophedon/extrasafe/pull/47.
This macro will be used by further PRs to implement methods to add syscalls or groups of syscalls.