path: root/lib/chaseccomp
Commit message (Author, Age, Files, Lines)
* network.chasc: allow gettimeofday too (bptato, 2024-11-18, 1 file, -0/+3)
    continuation of 79d832c37
* network.chasc: allow clock_gettime (bptato, 2024-11-17, 1 file, -0/+6)
    ref. https://todo.sr.ht/~bptato/chawan/23
    TODO: I'm not quite sure *why* it's getting called. curls operate in mysterious ways.
* Fix some C warnings, more makefile vars, etc. (bptato, 2024-11-08, 2 files, -8/+12)
    * add some more env vars to makefile
    * remove fpermissive from GCC builds
    * update Monoucha
    * fix borked seccomp filter length safety check (ugh)
* chaseccomp: update docs, remove redundant import (bptato, 2024-11-07, 2 files, -7/+11)
* chaseccomp: lock down clone; fix mprotect on bionic (bptato, 2024-11-04, 5 files, -10/+23)
    * add restrictions on clone for buffer filter
      - hardcoded it for musl, glibc and bionic. hopefully they don't change it too soon...
    * remove define directive from gen_syscalls
      - now the arch nr check is hardcoded in gen_defs. makes things a bit less complex.
    * fix borked mprotect filter on bionic
      - this completely broke the browser.
* chaseccomp: revert parts of d9ca197e (bptato, 2024-10-31, 3 files, -5/+6)
    * abort on network sandbox violation
      - it's probably better not to, but I want to think this through a bit more before changing it for good (and then do it consistently, i.e. also for the buffer process.)
    * revert case variable quoting
      - the lack of field splitting is specified by POSIX, and the readme states that we target POSIX. no need to be paranoid about imaginary shells.
* chaseccomp: fix compilation with newest dash, misc changes (bptato, 2024-10-31, 6 files, -21/+70)
    * fix matching on unstripped whitespace: caught after upgrading to upstream dash & chaseccomp wouldn't compile
    * add defines to ensure that we computed the filter length correctly
    * inline cut_label
    * EPERM on sigaction, sigprocmask, gettid, and kill on tgkill (so a crash doesn't trigger sandbox violations)
    * move SIGSYS handler to C and add one for the network

    The last change removes the stack trace from SIGSYS, but gives us the syscall number which is probably more useful. (Indeed, we don't even have a stack trace in release builds.)
* chaseccomp: update readme (bptato, 2024-10-26, 1 file, -3/+3)
* sandbox: replace libseccomp with chaseccomp (bptato, 2024-10-23, 10 files, -0/+487)
    This drops libseccomp as a dependency. Also, move the capsicum/pledge definitions from bindings to sandbox.nim because they are only used there.

    Interestingly, after integrating chaseccomp I found that the stbi process would mysteriously crash by a getrandom(2) syscall. Closer investigation revealed it is only called on the initialization of glibc's malloc; presumably it had never surfaced before because libseccomp would always allocate before entering the sandbox. So I've added getrandom to our filter as well.