linux/samples/landlock
Konstantin Meskhidze 5e990dcef1
samples/landlock: Support TCP restrictions
Add TCP restrictions to the sandboxer demo. It's possible to allow a
sandboxer to bind/connect to a list of specified ports restricting
network actions to the rest of them. This is controlled with the new
LL_TCP_BIND and LL_TCP_CONNECT environment variables.

Rename ENV_PATH_TOKEN to ENV_DELIMITER.

Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
Link: https://lore.kernel.org/r/20231026014751.414649-12-konstantin.meskhidze@huawei.com
[mic: Extend commit message]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2023-10-26 21:07:17 +02:00
..
.gitignore samples/landlock: Add a sandbox manager example 2021-04-22 12:22:11 -07:00
Makefile samples/landlock: Add a sandbox manager example 2021-04-22 12:22:11 -07:00
sandboxer.c samples/landlock: Support TCP restrictions 2023-10-26 21:07:17 +02:00