nix-files

History

Colin f807d7c0a2 modules/programs: sane-sandboxed: bwrap: don't virtualize {/dev,/proc,/tmp} if explicitly asked to bind them instead this is necessary for some programs which want a near-maximial sandbox, like launchers or shells, or more specifically, `sane-private-do`.		2024-02-25 08:15:39 +00:00
..
default.nix	programs: sandboxing: distinguish between "existingFileOrParent" and "existingOrParent"	2024-02-25 01:59:01 +00:00
make-sandbox-profile.nix	modules/programs: rename allowedRootPaths -> allowedPaths	2024-02-12 13:00:10 +00:00
make-sandboxed.nix	modules/programs: make-sandboxed: fix incorrect "priority" attribute	2024-02-17 03:32:49 +00:00
sane-sandboxed	modules/programs: sane-sandboxed: bwrap: don't virtualize {/dev,/proc,/tmp} if explicitly asked to bind them instead	2024-02-25 08:15:39 +00:00
sane-sandboxed.nix	modules/programs: sane-sandboxed: optimize "normPath" to not invoke subshells	2024-02-18 12:08:23 +00:00