Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Add personality to allow-debuggers (see #2021) | 2018-07-09 | ||
| | ||||
* | reverted commit 5a3eefa6e70e824f545add9169202f788a9ce14d, issue #1948 | 2018-05-20 | ||
| | ||||
* | tentative fix for issue #1948 | 2018-05-19 | ||
| | ||||
* | remove 64bit seccomp filter from 32bit architectures | 2018-05-06 | ||
| | ||||
* | consolidate makefiles | 2018-03-31 | ||
| | ||||
* | support Spectre mitigation patch for gcc compiler | 2018-03-23 | ||
| | ||||
* | move copyright statement to 2018 | 2018-01-14 | ||
| | ||||
* | replacing seccomp printing with a seccomp disassembler | 2017-12-28 | ||
| | ||||
* | strip trailing whitespace | 2017-11-19 | ||
| | ||||
* | seccomp mdwx: block pkey_mprotect like mprotect | 2017-11-11 | ||
| | ||||
* | Improve seccomp architecture support | 2017-09-10 | ||
| | ||||
* | "module" is already included in "privileged" | 2017-09-04 | ||
| | ||||
* | Improve seccomp support for non-x86 architectures | 2017-09-02 | ||
| | ||||
* | Workaround for build problems, but correct problem this time | 2017-09-02 | ||
| | ||||
* | Workaround for build problems on arm64, s390x and sparc64 | 2017-09-01 | ||
| | ||||
* | Improve cross-platform build | 2017-08-30 | ||
| | ||||
* | fix seccomp secondary filter printing on i386 platform | 2017-08-30 | ||
| | ||||
* | tentative fix for Debian cross-platform build | 2017-08-30 | ||
| | ||||
* | cleanup | 2017-08-27 | ||
| | ||||
* | fix seccomp.keep for #1490 | 2017-08-23 | ||
| | ||||
* | cleanup | 2017-08-23 | ||
| | ||||
* | seccomp: fix errno | 2017-08-22 | ||
| | ||||
* | Feature: switch/config option to block secondary architectures | 2017-08-19 | ||
| | | | | | | | | | Add a feature for a new (opt-in) command line switch and config file option to block secondary architectures entirely. Also block changing Linux execution domain with personality() system call for the primary architecture. Closes #1479 | |||
* | Postpone installation of seccomp filters just before execve | 2017-08-19 | ||
| | ||||
* | seccomp testing | 2017-08-18 | ||
| | ||||
* | memory-deny-write-execute testing | 2017-08-18 | ||
| | ||||
* | compile cleanup | 2017-08-15 | ||
| | ||||
* | Fix copy-paste | 2017-08-13 | ||
| | ||||
* | Allow any syscall to be blacklisted (#1447) | 2017-08-13 | ||
| | | | | | | | Allow any syscall to be blacklisted with aid of LD_PRELOAD library, libpostexecseccomp.so. Closes: #1447 | |||
* | Seccomp: split @default into more meaningful smaller groups | 2017-08-06 | ||
| | ||||
* | Seccomp: system call grouping and call numbers | 2017-08-06 | ||
| | ||||
* | get_mempolicy syscall was temporarily removed from the default seccomp list. ↵ | 2017-08-02 | ||
| | | | | | | It seems to break playing youtube videos on Firefox Nightly - #1414 | |||
* | Memory-deny-write-execute feature | 2017-07-30 | ||
| | | | | Feature to block attempts to create writable and executable memory. | |||
* | Improve seccomp printing | 2017-07-28 | ||
| | ||||
* | Improve cross build support by using configured compiler instead of make default | 2017-07-26 | ||
| | | | | https://bugs.debian.org/869707 | |||
* | Block some obsolete or unusual syscalls | 2017-07-25 | ||
| | ||||
* | Remove trailing whitespace from src/ | 2017-05-24 | ||
| | ||||
* | compile fixes on 32bit platforms | 2017-05-12 | ||
| | ||||
* | --quiet fixes | 2017-04-10 | ||
| | ||||
* | add new syscalls in default seccomp filter | 2017-03-31 | ||
| | ||||
* | copyright 2017 | 2017-02-11 | ||
| | ||||
* | copyright 2017 | 2017-02-11 | ||
| | ||||
* | cleanup | 2016-11-27 | ||
| | ||||
* | fixes | 2016-11-27 | ||
| | ||||
* | profiles | 2016-11-20 | ||
| | ||||
* | seccomp work 1 | 2016-11-20 | ||
| | ||||
* | fcopy part 1 | 2016-11-16 | ||
| | ||||
* | testing | 2016-11-12 | ||
| | ||||
* | gcov support | 2016-11-07 | ||
| | ||||
* | seccomp rework | 2016-11-06 | ||
| |