sydb☮x-scm improves seccomp for read only open calls which is a noticable optimization considering the overall count of trace stops, see details here: https://commits.exherbo.org/sydbox-1:8bc285f which shows remarkable improvements of reduction in open{,at} calls and build times. Apart from the commit message there’s the benchmark https://git.exherbo.org/sydbox-1.git/tree/bench/2021.05.30-paludis-seccomp-open.txt on my build host which has the timing to build the current paludis-3.0.0 (scm). Help test sydb☮x-scm, report back and enjoy! #exherbo #sydb☮x
Pand☮ra’s Box: A helper for sydb☮x, a ptrace & seccomp based sandbox to make sandboxing practical. This makes it easy for the end user to use secure computing for practical, daily purposes. https://crates.io/crates/pandora_box #exherbo #sydb☮x #pandora
sydb☮x-1.2.0 is released with seccomp allowing readonly open{,at} w/o trace-stop, stricter defaults for all default sandbox modes but read, seccomp & ptrace seize usage defaulting to on & the shared memory writable restriction defaulting to on. Finally, this version implements an improved & simpler dump interface which the helper Pand☮ra can read to generate profiles for practical, daily applications such as mail client, browser etc. A sample profile for Firefox is added too! #exherbo #sydb☮x
added note about sydb☮x, Pand☮ra & PinkTrace to Seccomp Wikipedia page under software using seccomp-bpf: https://en.wikipedia.org/wiki/Seccomp #exherbo #sydb☮x #pandora
PinkTrace-1.0.0 released with AArch64 (arm64) architecture support with a few important bug fixes. See the new homepage at https://pinktrace.exherbo.org and browse the c api documentation at https://dev.exherbo.org/~alip/pinktrace/api/c/ and python bindings documentation at https://dev.exherbo.org/~alip/pinktrace/api/python/ #exherbo #sydb☮x #pinktrace #aarch64 #arm64
sydb☮x changes PN for peace: https://dev.exherbo.org/~alip/images/sydbox-changes-PN-for-peace-2021-07-04.png #sydb☮x #exherbo
sydb☮x moved to sourcehut! https://sr.ht/~alip/sydbox/ #sydb☮x #exherb☮
başladım bir isyâna, bir de baktım kï daha baştayım… #sydb☮x
Bïr çïçeğïm hⒶlk ☮rmⒶnındⒶ, Fışkırdım, bⒶşkⒶldırıy☮rum! Ben bïr bıçⒶk ucuyum, KⒶvgⒶ vermïş hⒶlkınⒶ, BⒶşkⒶldırıy☮rum ïşte, VⒶrın benïm fⒶrkımⒶ ! #sydb☮x
The hblock tracker list is slowly converging… syd-addr: Sorted »130368« IP address hashes in »0.019322« seconds. #sydb☮x