aboutsummaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* update copyright headersMike Frysinger2024-01-011-2/+2
* Fix fuzz-dumpelf testAliaksei Urbanski2023-11-231-0/+4
* Undo IWYU fixesSam James2023-01-291-13/+0
* *: IWYU fixesSam James2023-01-281-0/+13
* security.h: suppress unused argument warning on allow_forkingArsen Arsenović2022-07-121-0/+1
* security: pregen seccomp bpf programsv1.3Mike Frysinger2021-04-171-190/+24
* security.c: allow faccessat2 syscall in seccomt filters (take 2)v1.2.9Sergei Trofimovich2021-02-031-0/+5
* Revert "security.c: allow faccessat2 syscall in seccomt filters"Sergei Trofimovich2021-02-031-1/+0
* security.c: allow faccessat2 syscall in seccomt filtersSergei Trofimovich2021-02-031-0/+1
* security.c: allow 'statx' in seccomp sandbox (musl-1.1.24)v1.2.6Sergei Trofimovich2020-04-131-0/+1
* security.c: allow 'semtimedop' in seccomp sandbox (glibc-2.31)Sergei Trofimovich2020-02-161-0/+1
* security.c: whitelist ipc() syscall for fakeroot on ppc64 and friendsv1.2.4Sergei Trofimovich2019-01-141-0/+6
* security: fix building on much older systemsv1.2Mike Frysinger2017-01-211-1/+24
* security: whitelist readlinkatv1.1.6Mike Frysinger2016-03-031-0/+1
* security: allow more read/write syscallsMike Frysinger2016-02-101-0/+5
* security: whitelist the getcwd syscallv1.1.4Mike Frysinger2015-10-261-0/+1
* security: fix build on systems w/out si_syscallv1.1.3Mike Frysinger2015-09-191-1/+4
* security: whitelist the futex syscallMike Frysinger2015-09-191-0/+3
* security: whitelist dup syscallsv1.1.2Mike Frysinger2015-09-111-0/+3
* security: do not warn when seccomp is disabled in the kernelv1.1.1Mike Frysinger2015-08-271-2/+5
* security: whitelist fakeroot syscallsMike Frysinger2015-08-261-0/+7
* security: add a debug handler for seccompMike Frysinger2015-08-241-1/+26
* security: clean up syscall ifdefsMike Frysinger2015-08-241-18/+0
* security: use seccomp to lock ourselves downv1.1Mike Frysinger2015-08-201-0/+147
* security: lock down privs a bit via prctlMike Frysinger2015-08-201-0/+9
* security: leverage namespaces to restrict the runtime a bitMike Frysinger2015-08-201-0/+89