colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

programs: jq: sandbox

Browse Source
This commit is contained in:
Colin 2024-02-25 01:56:30 +00:00
parent 73b2594d9b
commit f714bd8281
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
hosts/common/programs/assorted.nix
View File

@ -587,9 +587,9 @@ in
iw.sandbox.net = "all";
iw.sandbox.capabilities = [ "net_admin" ];
# jq.sandbox.method = "bwrap";
# jq.sandbox.wrapperType = "wrappedDerivation";
# jq.sandbox.autodetectCliPaths = true; # liable to over-detect, but how else to sandbox?
jq.sandbox.method = "bwrap";
jq.sandbox.wrapperType = "wrappedDerivation";
jq.sandbox.autodetectCliPaths = "existingFile";
killall.sandbox.method = "landlock";
killall.sandbox.wrapperType = "wrappedDerivation";