| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
|
|
|
| |
I still have some things I want to explore with this example, so I
don't want to give the impression this is a stable example.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Go has its own notion of major version, and this commit raises
it from 0 to 1. That is, these modules should now be considered
stable.
The sources for the 1.2.48 and the 0.2.48 modules are otherwise
identical.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
|
|
|
| |
The whole uid=0 thing is so convoluted with privilege, best to just
avoid it by default.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
| |
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since go 1.15 doesn't require the wrapping linker trick, I'm recommending
that version of Go for building it. Also add a test of building the
setid and gowns sources in the .../go/ directory.
At this stage, I'm imagining a tutorial on how gowns works here:
https://sites.google.com/site/fullycapable/getting-started-with-go
but I haven't started writing that yet. I first want to confirm the
state of all the features I want to use.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
|
|
|
|
| |
Also, simplify how to set a range of uids/gids from the commandline.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|
|
A short program in Go that can invoke a UID namespaced application
it can also be used to launch capability modified programs using
IAB and mode. This is a reduced feature set over the more complete
capsh program - with the exception of namespace support.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
|