syzkaller

mirror of https://github.com/reactos/syzkaller.git synced 2024-11-28 22:00:24 +00:00

History

Dmitry Vyukov 4782c2b8e6 executor: revive setuid sandbox The new namespace-based sanboxing is good, but it's not always what one wants (and also requires special kernel configs). Change dropprivs config value to sandbox, which can have different values (currently: none, setuid, namespace). Setuid mode uses setuid(nobody) before fuzzing as before. In future we can add more sandboxing modes or, say, extend -sandbox=setuid to -sandbox=setuid:johndoe to impersonolate into given user.	2016-07-01 22:26:33 +02:00
..
executor.cc	executor: revive setuid sandbox	2016-07-01 22:26:33 +02:00
syscalls.h	executor: add support for 386 arch (COMPAT syscalls)	2016-06-30 20:11:04 +02:00

Dmitry Vyukov 4782c2b8e6 executor: revive setuid sandbox

The new namespace-based sanboxing is good,
but it's not always what one wants
(and also requires special kernel configs).

Change dropprivs config value to sandbox,
which can have different values (currently: none, setuid, namespace).
Setuid mode uses setuid(nobody) before fuzzing as before.

In future we can add more sandboxing modes or, say,
extend -sandbox=setuid to -sandbox=setuid:johndoe
to impersonolate into given user.

2016-07-01 22:26:33 +02:00

executor.cc

executor: revive setuid sandbox

2016-07-01 22:26:33 +02:00

syscalls.h

executor: add support for 386 arch (COMPAT syscalls)

2016-06-30 20:11:04 +02:00