projects / oweals / procd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b275a62) | patch
jail: make /proc more secure
authorDaniel Golle <daniel@makrotopia.org>
Sun, 12 Apr 2020 20:12:20 +0000 (21:12 +0100)
committerDaniel Golle <daniel@makrotopia.org>
Mon, 13 Apr 2020 01:05:42 +0000 (02:05 +0100)
commit511fd97b5355dd51632f48cf2354eeb7e6aa6260
treea5997bcd6d6889bf0ef101c900ea55bbc5ecd869tree | snapshot
parentb275a6299e8b1c2e2afcca02a5c333cd3ea60f09commit | diff
jail: make /proc more secure

Make sure /proc/sys is read-only while keeping read-write access to
/proc/sys/net if spawning a new network namespace.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
jail/jail.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.