www.infradead.org Git - users/jedix/linux-maple.git/commit
samples/landlock: Add support for abstract UNIX socket scoping
author    Tahera Fahimi <fahimitahera@gmail.com>
          Thu, 5 Sep 2024 00:14:01 +0000 (18:14 -0600)
committer Mickaël Salaün <mic@digikod.net>
          Mon, 16 Sep 2024 21:50:51 +0000 (23:50 +0200)
commit    369b48b43a09f995876bb2e88d78845eb2a80212
tree      ed29aca259586c4477b5e69e4c0c498780bd7729
parent    644a728506c794e9e4f5fb9845ed4f7014cf46d9
samples/landlock: Add support for abstract UNIX socket scoping

The sandboxer can receive the character "a" as input from the
environment variable LL_SCOPE to restrict sandboxed processes from
connecting to an abstract UNIX socket created by a process outside of
the sandbox.

Example
=======

Create an abstract UNIX socket to listen with socat(1):
  socat abstract-listen:mysocket -

Create a sandboxed shell and pass the character "a" to LL_SCOPED:
  LL_FS_RO=/ LL_FS_RW=. LL_SCOPED="a" ./sandboxer /bin/bash

Note that any other form of input (e.g. "a:a", "aa", etc) is not
acceptable.

If the sandboxed process tries to connect to the listening socket, the
connection will fail:
  socat - abstract-connect:mysocket

Signed-off-by: Tahera Fahimi <fahimitahera@gmail.com>
Link: https://lore.kernel.org/r/d8af908f00b77415caa3eb0f4de631c3794e4909.1725494372.git.fahimitahera@gmail.com
[mic: Improve commit message, simplify check_ruleset_scope() with
inverted error code and only one scoped change, always unset environment
variable]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
samples/landlock/sandboxer.c
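An added example, not the sandboxer code from this commit: a minimal C sandbox that accepts only LL_SCOPED=a, builds a Landlock ruleset whose sole restriction is the abstract UNIX socket scope, enforces it, and execs the command. It assumes a Linux host with Landlock ABI v6 (kernel 6.12 or later) for enforcement; the syscall numbers, the scope flag value and the ruleset struct layout are written out locally rather than taken from <linux/landlock.h>.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>

/* Landlock ABI values spelled out so this builds on pre-6.12 headers; the
 * struct has the layout of landlock_ruleset_attr in ABI v6 (assumes Linux). */
#define NR_LANDLOCK_CREATE_RULESET 444
#define NR_LANDLOCK_RESTRICT_SELF 446
#define LL_SCOPE_ABSTRACT_UNIX_SOCKET (1ULL << 0)
struct ll_ruleset_attr { uint64_t handled_access_fs, handled_access_net, scoped; };

/* Accept exactly "a" as the commit documents and return the scope mask;
 * "a:a", "aa", NULL or anything else yields 0 (rejected). */
uint64_t parse_ll_scoped(const char *value)
{
    if (!value || strcmp(value, "a") != 0)
        return 0;
    return LL_SCOPE_ABSTRACT_UNIX_SOCKET;
}

/* Only scope abstract UNIX sockets: both handled_* masks are zero, so filesystem and TCP stay unrestricted. */
static int restrict_abstract_unix(uint64_t scoped)
{
    struct ll_ruleset_attr attr = { .scoped = scoped };
    int fd = syscall(NR_LANDLOCK_CREATE_RULESET, &attr, sizeof(attr), 0);
    if (fd < 0)
        return -1;
    int rc = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
             syscall(NR_LANDLOCK_RESTRICT_SELF, fd, 0);
    close(fd);
    return rc ? -1 : 0;
}

int main(int argc, char *argv[])
{
    uint64_t scoped = parse_ll_scoped(getenv("LL_SCOPED"));
    if (argc < 2 || !scoped) {
        fprintf(stderr, "usage: LL_SCOPED=a %s <cmd> [args...]\n", argv[0]);
        return 1;
    }
    unsetenv("LL_SCOPED"); /* like the sample: do not pass the knob to the child */
    if (restrict_abstract_unix(scoped) == 0)
        execvp(argv[1], &argv[1]);
    perror("sandbox");
    return 1;
}
```

With the socat listener from the message above running, `LL_SCOPED=a ./scoped-sandbox /bin/bash` gives a shell from which `socat - abstract-connect:mysocket` is refused, while file and TCP access behave as before.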