colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

sanebox: allow /dev/fd in the sandbox by default

Browse Source
This commit is contained in:
Colin
2024-08-05 22:55:12 +00:00
parent 5eca45891b
commit d1b4e9c923
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/additional/sanebox/sanebox
View File

@@ -768,7 +768,9 @@ landlockSetup() {
# typical failure mode: # typical failure mode:
# - /tmp: application can't perform its task # - /tmp: application can't perform its task
# - /dev/{null,random,urandom,zero}: application warns but works around it # - /dev/{null,random,urandom,zero}: application warns but works around it
# - /dev/fd/*: application fails to open its stdin/stdout/etc
paths+=( paths+=(
/dev/fd
/dev/null /dev/null
/dev/random /dev/random
/dev/urandom /dev/urandom