git.monstr.eu Git - linux-2.6-microblaze.git/commit

author	Mickaël Salaün <mic@linux.microsoft.com>
	Thu, 22 Apr 2021 15:41:21 +0000 (17:41 +0200)
committer	James Morris <jamorris@linux.microsoft.com>
	Thu, 22 Apr 2021 19:22:11 +0000 (12:22 -0700)
commit	ba84b0bf5a164f0f523656c1e37568c30f3f3303
tree	50f0cd2eab45a9bc48371833464209d670ca8035	tree \| snapshot
parent	e1199815b47be83346c03e20a3de76f934e4bb34	commit \| diff

samples/landlock: Add a sandbox manager example

Add a basic sandbox tool to launch a command which can only access a
list of file hierarchies in a read-only or read-write way.

Cc: James Morris <jmorris@namei.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Reviewed-by: Jann Horn <jannh@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20210422154123.13086-12-mic@digikod.net
Signed-off-by: James Morris <jamorris@linux.microsoft.com>

MAINTAINERS		diff \| blob \| history
samples/Kconfig		diff \| blob \| history
samples/Makefile		diff \| blob \| history
samples/landlock/.gitignore	[new file with mode: 0644]	blob
samples/landlock/Makefile	[new file with mode: 0644]	blob
samples/landlock/sandboxer.c	[new file with mode: 0644]	blob