Commits
- Commit:
8ef09de3d077645d29bc3e670f1d1aacab0d91cb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
don't include err.h, gmid.h (via config.h) does that
- Commit:
2d3f837ac587063ac967c12afbdb219ba231256c
- From:
- Omar Polo <op@omarpolo.com>
- Date:
[seccomp] allow getrandom
- Commit:
2d3cc76f6d5c2eb4a23f0dbebe5ef779f07b947b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
we don't need unveil "x" in listener
not a big deal, since the pledge prohibits us to exec, but
nevertheless.
- Commit:
f88311e5344ed934d8b05c3738cca2a978491987
- From:
- Omar Polo <op@omarpolo.com>
- Date:
[seccomp] allow fcntl F_SETFD
musl does a F_SETFD in its fdopendir
- Commit:
1a49166de409ffcd354353450de98a7ee9885f8b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix date
- Commit:
e29dbd7217cb1ad27be0fd47e757f5dcba74db0b
- From:
- Omar Polo <op@omarpolo.com>
- Date:
added missic copyright notice
- Commit:
338f06f4e569807582f005f5804ca3abc412b255
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop seccomp.h: not needed
- Commit:
61f8d630c81fb92d771cf26496b25b5157c776ca
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fmt
- Commit:
f2b3a5193f96ab48bae4463654c67af706a18cdd
- From:
- Omar Polo <op@omarpolo.com>
- Date:
allow clock_gettime and a bit of fmt
alpine on amd64 (under OpenBSD vmd) tries to do a clock_gettime. I
don't know why, but it doesn't seem a problem to allow it.
- Commit:
3c0375e405857c074c428ddb3330d6286fcc47aa
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix BPF
- Commit:
de4f71318422e6bd66ea7836dbb235ecb463f7f8
- From:
- Omar Polo <op@omarpolo.com>
- Date:
tighten the rules for fcntl
allow only the F_GETFL and F_SETFL commands
- Commit:
298e4b96dc9ef528a058cc8a0d9561ca54588f03
- From:
- Omar Polo <op@omarpolo.com>
- Date:
explain the poll mess
- Commit:
94a79035ec810b9c529406aae80037301646500a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
__NR_poll doesn't seem to be defined on aarch64
- Commit:
65fba1d570390381f99396a547094f8b33f26ebf
- From:
- Omar Polo <op@omarpolo.com>
- Date:
[seccomp] allow also poll
on the latest fedora we glibc uses poll. On the other linux distro I
tried (void), musl is probably providing poll as a ppoll wrapper.
- Commit:
c2e39fcfedc2bf0430f65f56534ea446595c5018
- From:
- Omar Polo <op@omarpolo.com>
- Date:
we don't need to check for CGI anymore