Comment by papercrane
1 day ago
> I'd love to see pledge/unveil on (upstream) Linux - but I'm not holding my breath
There is Landlock now, I believe it would be possible to implement unveil and pledge on top of that.
1 day ago
> I'd love to see pledge/unveil on (upstream) Linux - but I'm not holding my breath
There is Landlock now, I believe it would be possible to implement unveil and pledge on top of that.
Apparently someone tried wrapping landlock in unveil:
https://clehaxze.tw/gemlog/2022/04-02-landlock-unveil-experi...
https://github.com/marty1885/landlock-unveil
... And looks like cosmopolitan libc wraps landlock for unveil, in addition to implement pledge.
One of HN's favorite hackers has done that: https://news.ycombinator.com/item?id=32096801
> favorite
Interesting choice of word
She's excellent and her stuff has made it to the front page many times. I love seeing her work come up and I imagine many others here feel the same way.