1. 17 Oct, 2019 2 commits
  2. 13 Oct, 2019 1 commit
    • jvoisin's avatar
      Copy file permissions · 4034cf9a
      jvoisin authored
      Mat2 (the cli) will now copy the input file permissions
      to the output file.
      4034cf9a
  3. 12 Oct, 2019 7 commits
  4. 05 Oct, 2019 1 commit
    • madaidan's avatar
      Mount a new tmpfs on /tmp and drop all capabilities · 58773088
      madaidan authored
      This mounts a new tmpfs on /tmp so any files residing there would be hidden
      from the sandbox. Many programs store some files in there that might be useful
      to an attacker.  It also drops all capabilities incase it is ever run with
      extra capabilities for whatever reason.
      58773088
  5. 21 Sep, 2019 1 commit
    • jvoisin's avatar
      Fix bubblewrap · 37145531
      jvoisin authored
      On some machines (like mine), `/proc` has to be mounted.  Also, since
      sandboxing with bubblewrap is best effort and assumes that an attacker doesn't
      have control outside of the file to clean, it's safe to __try__ to enable some
      bubblewrap features, and to silently fail otherwise.
      37145531
  6. 01 Sep, 2019 5 commits
  7. 31 Aug, 2019 1 commit
  8. 01 Aug, 2019 1 commit
  9. 22 Jul, 2019 5 commits
  10. 20 Jul, 2019 1 commit
  11. 17 Jul, 2019 1 commit
  12. 14 Jul, 2019 4 commits
  13. 13 Jul, 2019 5 commits
  14. 10 Jul, 2019 1 commit
  15. 05 Jun, 2019 1 commit
  16. 16 May, 2019 1 commit
  17. 15 May, 2019 1 commit
    • jvoisin's avatar
      Use memoization get _*_path() functions · 35d550d2
      jvoisin authored
      This shouldn't make a big difference in the CLI/extension
      usage, but might improve the performances of long-running
      instances, or people misusing the API.
      35d550d2
  18. 13 May, 2019 1 commit