[PATCH v30 11/12] samples/landlock: Add a sandbox manager example

Kees Cook keescook at chromium.org
Fri Mar 19 17:26:25 UTC 2021


On Tue, Mar 16, 2021 at 09:42:51PM +0100, Mickaël Salaün wrote:
> From: Mickaël Salaün <mic at linux.microsoft.com>
> 
> Add a basic sandbox tool to launch a command which can only access a
> list of file hierarchies in a read-only or read-write way.
> 
> Cc: James Morris <jmorris at namei.org>
> Cc: Kees Cook <keescook at chromium.org>
> Cc: Serge E. Hallyn <serge at hallyn.com>
> Signed-off-by: Mickaël Salaün <mic at linux.microsoft.com>

I'm very happy to see any example!

Reviewed-by: Kees Cook <keescook at chromium.org>

-- 
Kees Cook



More information about the Linux-security-module-archive mailing list