aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* libseccomp is now optional but still recommendedToni Uhlig2018-06-25
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* improved debug output while changing user/groupToni Uhlig2018-06-24
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* BUG: replaced pthread_detach with pthread_attr_setdetachstate to fix ↵Toni Uhlig2018-06-24
| | | | | | possible SIGSEGVs on ARM platforms Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added backtrace support on SIGSEGVToni Uhlig2018-06-24
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* instead of checking libutil for forkpty, check for openpty and login_ttyToni Uhlig2018-06-24
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added seccomp blacklisted syscalls: ioperm, ioplToni Uhlig2018-06-24
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed buffer overwrite by libc functions basename/dirname, open(...) should ↵Toni Uhlig2018-06-24
| | | | | | set mode to 0 instead of ignoring it Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added timestamps in log_colored and log_file modulesToni Uhlig2018-06-24
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed valgrind mount complaints (does not like NULL as src/fstype)Toni Uhlig2018-06-23
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed blacklisting issues after safe_chroot, main jail-client process does ↵Toni Uhlig2018-06-23
| | | | | | not chroot anymore Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* improved filesystem managment (blacklisting, mounting read-only/read-write ↵Toni Uhlig2018-06-23
| | | | | | objects), improved jail/pty handling Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* introduced firejail alike filesystem managment (modified source from firejail)Toni Uhlig2018-06-21
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* gitlab yaml updateToni Uhlig2018-06-21
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* several minor bugfixesToni Uhlig2018-06-21
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added options OPT_SSH_RUN_DIR,OPT_CHUSER,OPT_CHGROUP required for setting ↵Toni Uhlig2018-06-20
| | | | | | correct permissions for ssh key files Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* autotools overhaulToni Uhlig2018-06-19
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* gitlab yaml now builds a static binaryToni Uhlig2018-06-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* autoconf: proper extra CFLAG check/handling e.g. -f* and ↵Toni Uhlig2018-06-18
| | | | | | inter-library-dependency checks, snprintf m4 should not fail if xcompiling Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* seccomp: allow socket syscall in jailToni Uhlig2018-06-18
| | | | | | setup namespaces: old valgrind versions dont support the setns syscall, so use unshare if previous failed Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* check if a file path is an mountpoint (not only directories)Toni Uhlig2018-06-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* autoconf script added pthread macro/checkToni Uhlig2018-06-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* autoconf script checks for -std=gnu99 and secure_getenv availabilityToni Uhlig2018-06-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added cppcheck to gitlab yaml for code analysisToni Uhlig2018-06-18
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* flawfinder ignores now seccomp syscall definitionsToni Uhlig2018-06-17
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* replaced getenv with secure_getenvToni Uhlig2018-06-17
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* add gitlab flawfinder supportToni Uhlig2018-06-17
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added --test to test essential app functions (more in future) during ↵Toni Uhlig2018-06-17
| | | | | | startup/gitlab Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* added snprintf autoconf and runtime checkToni Uhlig2018-06-17
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed gitlab yaml errors: ArchLinux dependencies pkg names, added OpenWrt ↵Toni Uhlig2018-06-17
| | | | | | docker image skeleton Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge branch 'master' of ssh://git.lan:/git/potdToni Uhlig2018-06-17
|\
| * added archlinux build to gitlab yamllns2018-06-14
| | | | | | | | Signed-off-by: lns <matzeton@googlemail.com>
* | jail multiple netns mount fixToni Uhlig2018-06-17
| | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | fixed cross-compile libssh shlibs dependency errorToni Uhlig2018-06-17
|/ | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* do gitlab SAST only if env variable setToni Uhlig2018-06-14
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* use debian stable as gitlab docker imageToni Uhlig2018-06-14
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* fixed gitlab yaml CI lint errorsToni Uhlig2018-06-13
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* - zero out struct ifrlns2018-06-13
| | | | Signed-off-by: lns <matzeton@googlemail.com>
* - initial gitlab yamllns2018-06-13
| | | | Signed-off-by: lns <matzeton@googlemail.com>
* POTD skeleton.lns2018-06-13
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Initial commit.Toni Uhlig2018-04-07
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Powered by cgit, Themed by Ted Yin.