subject:"\[PATCH v5 07\/10\] bpf\: Add a Landlock sandbox example"

Re: [PATCH v5 07/10] bpf: Add a Landlock sandbox example

2017-02-23 Thread Mickaël Salaün

On 22/02/2017 02:26, Mickaël Salaün wrote: > Add a basic sandbox tool to create a process isolated from some part of > the system. This sandbox create a read-only environment. It is only > allowed to write to a character device such as a TTY: > > # :> X > # echo $? > 0 > #

[PATCH v5 07/10] bpf: Add a Landlock sandbox example

2017-02-21 Thread Mickaël Salaün

Add a basic sandbox tool to create a process isolated from some part of the system. This sandbox create a read-only environment. It is only allowed to write to a character device such as a TTY: # :> X # echo $? 0 # ./samples/bpf/landlock1 /bin/sh -i Launching a new sandboxed process.