all repos — elgit @ 69a2505b2d69f744f137e299d0393d88b0f712f4

fork of legit: web frontend for git, written in go

use landlock to restrict permissions on linux

Alan Pearce
commit

69a2505b2d69f744f137e299d0393d88b0f712f4

parent

5195080e2b2b43a89235eb0384ad4095b53e2ed2

1 file changed, 29 insertions(+), 0 deletions(-)

changed files
A unveil_landlock.go
@@ -0,0 +1,29 @@
+//go:build linux +// +build linux + +package main + +import ( + "fmt" + + "github.com/landlock-lsm/go-landlock/landlock" +) + +var ll = landlock.V5 + +func Unveil(path string, perms string) error { + return nil +} + +func UnveilBlock() error { + return nil +} + +func UnveilPaths(paths []string, perms string) error { + switch perms { + case "r": + return ll.RestrictPaths(landlock.RODirs(paths...)) + default: + return fmt.Errorf("perms '%s' not handled", perms) + } +}