syzkaller

mirror of https://github.com/reactos/syzkaller.git synced 2024-11-30 23:00:29 +00:00

History

Dmitry Vyukov 4782c2b8e6 executor: revive setuid sandbox The new namespace-based sanboxing is good, but it's not always what one wants (and also requires special kernel configs). Change dropprivs config value to sandbox, which can have different values (currently: none, setuid, namespace). Setuid mode uses setuid(nobody) before fuzzing as before. In future we can add more sandboxing modes or, say, extend -sandbox=setuid to -sandbox=setuid:johndoe to impersonolate into given user.	2016-07-01 22:26:33 +02:00
..
fuzzer.go	executor: revive setuid sandbox	2016-07-01 22:26:33 +02:00

Dmitry Vyukov 4782c2b8e6 executor: revive setuid sandbox

The new namespace-based sanboxing is good,
but it's not always what one wants
(and also requires special kernel configs).

Change dropprivs config value to sandbox,
which can have different values (currently: none, setuid, namespace).
Setuid mode uses setuid(nobody) before fuzzing as before.

In future we can add more sandboxing modes or, say,
extend -sandbox=setuid to -sandbox=setuid:johndoe
to impersonolate into given user.

2016-07-01 22:26:33 +02:00

fuzzer.go

executor: revive setuid sandbox

2016-07-01 22:26:33 +02:00