gaol
Cross-platform application sandboxing for Rust
glibc 2.26 switches from using open(2) to openat(2). And now everyone on earth with a seccomp filter gets to update it :)
I have two needs not currently supported by `gaol`: * I want to run code in the child process after forking but before the sandbox is in place, e.g. to...
Status
The repo seems rather unmaintained and a couple of security-related issues have not been addressed for years. Is this still intended to be used eventually or does it have a...
I'm trying to use gaol to sandbox a fuzzer for [ion](github.com/redox-os/ion). I'm new to sandboxing and fuzzing, so bear with me. Anyway, here's the full stacktrace: [pastebin](https://pastebin.com/7gcJebt0) the fun parts...
Is there any technical reason for `gaol` to provide its own `Command` abstraction over using what's available in `std::process::Command`? The biggest functional difference I noticed is that the `gaol` provided...
Hello, I am wondering if it is possible to isolate an external command using gaol. I tried something like this: ```rust fn handle_child() { let cmd = env::args().skip(2).next().expect("cmd ..."); let...
Per https://www.reddit.com/r/rust/comments/8mpzr6/sandboxing_rust_on_osx/ we may need to go looking for another mechanism if we want to maintain sandboxing on macOS.
If one takes a relative path, the path protection does not work. Using the given example: Just change the file access to: ` match File::open(&PathBuf::from("../../../../../bin/sh")) { ... } ` will...
After spawning a jailed subprocess, its current working directory is unchanged, so it can actually be outside the subprocess' sandbox which I believe means it can access files outside the...