filed
Job queue using FUSE
git clone git://mccd.space/filed
| Log | Files | Refs | README | LICENSE |
commit f8a33d2865f1e030036e53ab0119ce00ea35180a parent 61b5e55411a834a8338c72dc1944dd0e5e3786a3 Author: Marc Coquand <marc@coquand.email> Date: Thu, 18 Dec 2025 14:19:28 +0100 Add further lockdown Diffstat:
| M | filed-launch.1.scd | | | 7 | +++++++ |
1 file changed, 7 insertions(+), 0 deletions(-) diff --git a/filed-launch.1.scd b/filed-launch.1.scd @@ -16,4 +16,11 @@ access using *landlock*(7). If no arguments are applied, the _executable_ is launched with full access to the file system. +# EXAMPLE +Echo hello world: + $ filed-launch -ro /usr/bin -ro /lib -ro /proc -- echo hello + +Attempt to access a file outside of scope: + $ filed-launch -rof /usr/bin/cat -ro /lib -- cat $HOME/some-file + cat: /home/bob/some-file: Permission denied