Unverified Commit 369b48b4 authored by Tahera Fahimi, committed by Mickaël Salaün

samples/landlock: Add support for abstract UNIX socket scoping
The sandboxer can receive the character "a" as input from the
environment variable LL_SCOPED to restrict sandboxed processes from
connecting to an abstract UNIX socket created by a process outside of
the sandbox.

Example
=======

Create an abstract UNIX socket to listen with socat(1):
  socat abstract-listen:mysocket -

Create a sandboxed shell and pass the character "a" to LL_SCOPED:
  LL_FS_RO=/ LL_FS_RW=. LL_SCOPED="a" ./sandboxer /bin/bash

Note that any other form of input (e.g. "a:a", "aa", etc.) is not
acceptable.

If the sandboxed process tries to connect to the listening socket, the
connection will fail:
  socat - abstract-connect:mysocket

Signed-off-by: Tahera Fahimi <fahimitahera@gmail.com>
Link: https://lore.kernel.org/r/d8af908f00b77415caa3eb0f4de631c3794e4909.1725494372.git.fahimitahera@gmail.com
[mic: Improve commit message, simplify check_ruleset_scope() with
inverted error code and only one scoped change, always unset environment
variable]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
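The commit message shows the scoping from the outside (socat listener, sandboxed shell, failing connect) but not what LL_SCOPED="a" turns into at the syscall level. The following is an added example, not the kernel's samples/landlock/sandboxer.c: it parses the LL_SCOPED value with the strictness the message describes (only "a" is accepted), builds a Landlock ruleset whose only handled item is the abstract UNIX socket scope, and then checks the effect by creating an abstract listener named "mysocket" before the scope is applied and connecting to it before and after landlock_restrict_self(). The same-process listener stands in for the socat listener; because its socket was created before the process was scoped, Landlock treats it as belonging to a process outside the sandbox. It assumes a Linux kernel with Landlock ABI 6 or later (the scoping ABI) and defines the UAPI constants and the ruleset attribute locally so it builds against older headers; parse_ll_scoped, restrict_abstract_unix, abstract_addr, listen_abstract and connect_abstract are names chosen here, not sandboxer functions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/un.h>
#include <unistd.h>

/* Fallbacks so this builds against older headers; values match the Linux UAPI. */
#ifndef __NR_landlock_create_ruleset
#define __NR_landlock_create_ruleset 444
#endif
#ifndef __NR_landlock_restrict_self
#define __NR_landlock_restrict_self 446
#endif
#define LANDLOCK_CREATE_RULESET_VERSION (1U << 0)
#define LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET (1ULL << 0)

/* Local copy of landlock_ruleset_attr as of ABI v6 (which added `scoped`). The kernel
 * validates the size argument, so an older kernel fails with E2BIG rather than
 * silently ignoring the scope. */
struct scoped_ruleset_attr {
	uint64_t handled_access_fs;
	uint64_t handled_access_net;
	uint64_t scoped;
};

/* LL_SCOPED parsing as this commit describes it: exactly "a" selects abstract UNIX
 * socket scoping; "a:a", "aa", "" or an unset variable are rejected with -EINVAL. */
static int parse_ll_scoped(const char *value, uint64_t *scoped)
{
	if (!value || strcmp(value, "a") != 0)
		return -EINVAL;
	*scoped = LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET;
	return 0;
}

/* Landlock ABI version, or a negative errno if Landlock is unavailable. */
static int landlock_abi_version(void)
{
	long v = syscall(__NR_landlock_create_ruleset, NULL, 0,
			 LANDLOCK_CREATE_RULESET_VERSION);
	return v < 0 ? -errno : (int)v;
}

/* Enforce a ruleset that only scopes abstract UNIX sockets: no filesystem or network
 * access rights are handled, so nothing else changes for the calling process. */
static int restrict_abstract_unix(uint64_t scoped)
{
	struct scoped_ruleset_attr attr = { .scoped = scoped };
	int err = 0;
	int rfd = syscall(__NR_landlock_create_ruleset, &attr, sizeof(attr), 0);

	if (rfd < 0)
		return -errno;
	/* Landlock refuses to restrict a task without no_new_privs. */
	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0 ||
	    syscall(__NR_landlock_restrict_self, rfd, 0) < 0)
		err = -errno;
	close(rfd);
	return err;
}

/* Abstract address: sun_path[0] == '\0' followed by the name, no terminator counted. */
static socklen_t abstract_addr(struct sockaddr_un *addr, const char *name)
{
	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;
	memcpy(addr->sun_path + 1, name, strlen(name));
	return offsetof(struct sockaddr_un, sun_path) + 1 + strlen(name);
}

/* Returns a listening fd, or -errno. */
static int listen_abstract(const char *name)
{
	struct sockaddr_un addr;
	socklen_t len = abstract_addr(&addr, name);
	int fd = socket(AF_UNIX, SOCK_STREAM, 0);

	if (fd < 0)
		return -errno;
	if (bind(fd, (struct sockaddr *)&addr, len) < 0 || listen(fd, 8) < 0) {
		int err = -errno;
		close(fd);
		return err;
	}
	return fd;
}

/* Returns 0 on a successful connect, otherwise -errno (EPERM once scoped). */
static int connect_abstract(const char *name)
{
	struct sockaddr_un addr;
	socklen_t len = abstract_addr(&addr, name);
	int fd = socket(AF_UNIX, SOCK_STREAM, 0), err = 0;

	if (fd < 0)
		return -errno;
	if (connect(fd, (struct sockaddr *)&addr, len) < 0)
		err = -errno;
	close(fd);
	return err;
}

int main(void)
{
	const char *name = "mysocket"; /* same name as the commit's socat example */
	uint64_t scoped;
	int abi, lfd, err;

	if (parse_ll_scoped(getenv("LL_SCOPED"), &scoped)) {
		fprintf(stderr, "LL_SCOPED must be exactly \"a\"\n");
		return 1;
	}
	abi = landlock_abi_version();
	if (abi < 6) {
		fprintf(stderr, "Landlock ABI %d; scoping needs ABI 6 or later\n", abi);
		return 1;
	}
	/* Created before the scope is applied, so the listener's creator credentials
	 * carry no scoped domain: from Landlock's view it is outside the sandbox. */
	lfd = listen_abstract(name);
	if (lfd < 0) {
		fprintf(stderr, "listen: %s\n", strerror(-lfd));
		return 1;
	}
	printf("before scoping: connect -> %s\n", strerror(-connect_abstract(name)));
	err = restrict_abstract_unix(scoped);
	if (err) {
		fprintf(stderr, "restrict: %s\n", strerror(-err));
		return 1;
	}
	printf("after scoping:  connect -> %s\n", strerror(-connect_abstract(name)));
	close(lfd);
	return 0;
}
```

Run it as `LL_SCOPED=a ./scope_demo`: on a kernel with ABI 6 the first connect succeeds and the second reports "Operation not permitted", which is the same EPERM the sandboxed `socat - abstract-connect:mysocket` gets. Running it with LL_SCOPED unset, or set to "a:a" or "aa", exits before touching Landlock, mirroring the input restriction stated in the commit message.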
parent 644a7285