Searching txt.sour.is

Twts matching #gnu
Sort by: Newest, Oldest, Most Relevant
movq
www.uninformativ.de
 (2w ago)
In-reply-to » PSA: setpriv on Linux supports Landlock.

Another example:

$ setpriv \
    --landlock-access fs \
    --landlock-rule path-beneath:execute,read-file:/bin/ls-static \
    --landlock-rule path-beneath:read-dir:/tmp \
    /bin/ls-static /tmp/tmp/xorg.atom

The first argument --landlock-access fs says that nothing is allowed.

--landlock-rule path-beneath:execute,read-file:/bin/ls-static says that reading and executing that file is allowed. It’s a statically linked ls program (not GNU ls).

--landlock-rule path-beneath:read-dir:/tmp says that reading the /tmp directory and everything below it is allowed.

The output of the ls-static program is this line:

─rw─r──r────x 3000 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

It was able to read the directory, see the file, do stat() on it and everything, the little x indicates that getting xattrs also worked.

3000 and 200 are user name and group name – they are shown as numeric, because the program does not have access to /etc/passwd and /etc/group.

Adding --landlock-rule path-beneath:read-file:/etc/passwd, for example, allows resolving users and yields this:

─rw─r──r────x cathy 200 07-12 09:19 22'491 │ /tmp/tmp/xorg.atom

⤋ Read More
sorenpeter
darch.dk
 (35w ago)

@bender@twtxt.net The tagline of Timeline is “a single user twtxt/yarn pod” not just a yarn pod. Similar to GNU/Linux. When we came up with the concept of Yarn Social it was a way to rebrand twtxt with the extensions that makes conversations like this possible.

⤋ Read More
oevl
oevl.info
 (5y ago)

Well, it was not a proper fix, more like a duck-tape mend, the right thing to do is to add a BSD branch and fix the calls to BSD’s awk and fmt so they produce the data in the way the rest of the code expects it. #txtnish #gnu #bsd

⤋ Read More