• madaidan's avatar
    Mount a new tmpfs on /tmp and drop all capabilities · 58773088
    madaidan authored
    This mounts a new tmpfs on /tmp so any files residing there would be hidden
    from the sandbox. Many programs store some files in there that might be useful
    to an attacker.  It also drops all capabilities incase it is ever run with
    extra capabilities for whatever reason.
    58773088
Name
Last commit
Last update
data Loading commit data...
doc Loading commit data...
libmat2 Loading commit data...
nautilus Loading commit data...
tests Loading commit data...
utils/ci/codespell Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
.mailmap Loading commit data...
.pylintrc Loading commit data...
CHANGELOG.md Loading commit data...
CONTRIBUTING.md Loading commit data...
INSTALL.md Loading commit data...
LICENSE Loading commit data...
README.md Loading commit data...
mat2 Loading commit data...
setup.py Loading commit data...