pacman

Author	SHA1	Message	Date
Remi Gacogne	fa249f9c3b	libalpm: Failure to enable Landlock or seccomp is a download error	2025-05-17 20:47:50 +02:00
Allan McRae	f13d7d480c	Update copyright years ./build-aux/update-copyright 2024 2025 Signed-off-by: Allan McRae <allan@archlinux.org>	2025-04-02 11:35:34 +10:00
Guillaume	a2d029388c	fix a segfault in sandbox.c if handle->dlcb is null	2024-09-28 08:10:46 +00:00
Remi Gacogne	cf473bcfbd	Ensure that the download process cannot get new privileges Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>	2024-08-02 00:39:45 +00:00
Remi Gacogne	f142df92c7	Restrict syscalls for the download process whenever possible Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>	2024-08-02 00:39:45 +00:00
Remi Gacogne	9f8f94c056	Add --disable-sandbox and DisableSandbox Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>	2024-06-17 11:01:42 +10:00
Remi Gacogne	eacadbcc41	Restrict filesystem access to the download process whenever possible Signed-off-by: Remi Gacogne <rgacogne@archlinux.org>	2024-06-14 09:30:20 +02:00
Remi Gacogne	62c6874689	Add callbacks for sandboxed operations Add log and download callbacks to use within a sandbox. These are designed to be passed from the sandbox to the parent through a file descriptor and then processed into alpm callbacks to be passed to the frontend. Note, only callbacks used in libalpm are added. Other callbacks should be set to NULL in the child process.	2024-04-01 20:52:55 +00:00
Remi Gacogne	ce83cf6361	Provide function for switching user in child processes Add alpm_sandbox_child() function that will be used for switching to a less priviledged user to run child processes. Signed-off-by: Allan McRae <allan@archlinux.org>	2024-04-01 20:52:55 +00:00

9 commits