summaryrefslogtreecommitdiff
path: root/src/common/sandbox.c
AgeCommit message (Expand)Author
2015-03-04Add wait4 to the seccomp2 sandbox allowable syscall listNick Mathewson
2014-09-29Don't use the getaddrinfo sandbox cache from tor-resolveNick Mathewson
2014-06-11Fix a 32-big conversion warning in 11970 fixNick Mathewson
2014-06-11Merge remote-tracking branch 'public/bug11970'Nick Mathewson
2014-06-11Yield a real error in the bug case of sandbox_getaddrinfo()Nick Mathewson
2014-06-08Spell getrlimit correctly.Nick Mathewson
2014-05-29sandbox: allow enough setsockopt to make ConstrainedSockets workNick Mathewson
2014-05-27sandbox: permit listen(2)Nick Mathewson
2014-05-27Log the errno value if seccomp_load() fails.Nick Mathewson
2014-05-27Make sandbox.c compile on armNick Mathewson
2014-05-22sandbox: revamp sandbox_getaddrinfo cacheingNick Mathewson
2014-05-20sandbox: permit gettid, sched_getaffinityNick Mathewson
2014-05-20sandbox: Disallow options which would make us call exec()Nick Mathewson
2014-04-25resolve a typo: sanboxing->sandboxing.Nick Mathewson
2014-04-18Improved message when running sandbox on Linux without libseccompNick Mathewson
2014-04-17Remove spurious libevent include in sandbox.cNick Mathewson
2014-04-16Log the name of the failing syscall on failureNick Mathewson
2014-04-16Sandbox: permit O_NONBLOCK and O_NOCTTY for files we refuseNick Mathewson
2014-04-16Don't allow change to ConnLimit while sandbox is activeNick Mathewson
2014-04-16Use SCMP_CMP_MASKED_EQ to allow flags, not force themNick Mathewson
2014-04-16Get Libevent's PRNG functioning under the linux sandboxNick Mathewson
2014-04-16Introduce arg-counting macros to wrap seccomp_rule_add()Nick Mathewson
2014-04-16Fix sandbox protection for renameNick Mathewson
2014-04-16Upgrade warning about missing interned string for sandboxNick Mathewson
2014-04-16Have sandbox string protection include multi-valued parmeters.Nick Mathewson
2014-04-16Clean up sandbox structures a bitNick Mathewson
2014-04-16Add missing rename function for non-linux platformsNick Mathewson
2014-04-16Drop 'fr' parameter from sandbox code.Nick Mathewson
2014-04-16Add 'rename' to the sandboxed syscallsNick Mathewson
2014-04-16Only intern one copy of each magic string for the sandboxNick Mathewson
2014-04-16Fix some initial sandbox issues.Nick Mathewson
2014-04-10Log a backtrace when the sandbox finds a failureNick Mathewson
2014-04-10Make the sandbox code allow the writev() syscall.Nick Mathewson
2014-03-13Fix some leaks/missed checks in the unit testsNick Mathewson
2014-02-02Add a sandbox rule to allow IP_TRANSPARENTNick Mathewson
2014-01-17whitespace fixesNick Mathewson
2014-01-06Fix some seccomp2 issuesNick Mathewson
2013-11-18Merge branch 'backtrace_squashed'Nick Mathewson
2013-11-18Add a sighandler-safe logging mechanismNick Mathewson
2013-09-16Fix a memory leak on getaddrinfo in sandbox. Found by coverityNick Mathewson
2013-09-16Clean up malloc issues in sandbox.cNick Mathewson
2013-09-13Merge remote-tracking branch 'ctoader/gsoc-cap-stage2'Nick Mathewson
2013-09-12fixed compilation bug on i386 due to previous fixCristian Toader
2013-09-12bug fix: syscalls send and recv not supported for x86_64 with libseccomp 1.0.1Cristian Toader
2013-09-12remove debugging codeCristian Toader
2013-09-12added extra buffer and limit to mprotect not to exceed the length of that bufferCristian Toader
2013-09-10added filter protection for string parameter memoryCristian Toader
2013-09-10fixed socket syscall bugCristian Toader
2013-09-09Fix check-spacesNick Mathewson
2013-09-09Fix compilation on OSXNick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion