Lynx is a simple unveil wrapper
https://andinus.nand.sh/lynx
Andinus
a129334aef
Previously the compilation would fail for non OpenBSD systems & the user had to manage it themselves. Now it compiles on non OpenBSD systems but returns nil immediately because unveil isn't supported on those systems. |
||
---|---|---|
LICENSE | ||
README.org | ||
block.go | ||
block_other.go | ||
commands.go | ||
commands_other.go | ||
go.mod | ||
go.sum | ||
path.go | ||
path_other.go | ||
paths.go | ||
paths_other.go |
README.org
Lynx
Lynx is a simple unveil wrapper.
Project Home | Lynx |
Source Code | Andinus / Lynx |
GitHub (Mirror) | Lynx - GitHub |
Examples
UnveilCommands
UnveilCommands takes a slice of commands & unveils them one by one, it will return an error if unveil fails at any step. "no such file or directory" error is ignored because binaries are not placed in every PATH.
Default permission is "rx".
package main
import "tildegit.org/andinus/lynx"
func main() {
commands := []string{"cd", "ls", "rm"}
err = lynx.UnveilCommands(commands)
if err != nil {
log.Fatal(err)
}
}
UnveilPaths / UnveilPathsStrict
UnveilPaths takes a map of path, permission & unveils them one by one, it will return an error if unveil fails at any step. "no such file or directory" error is ignored, if you want to get that error too then use UnveilPathsStrict.
package main
import "tildegit.org/andinus/lynx"
func main() {
paths := make(map[string]string)
paths["/home"] = "r"
paths["/dev/null"] = "rw"
paths["/etc/examples"] = "rwc"
paths["/root"] = "rwcx"
err = lynx.UnveilPaths(paths)
if err != nil {
log.Fatal(err)
}
// This will return an error if the path doesn't exist.
err = lynx.UnveilPathsStrict(paths)
if err != nil {
log.Fatal(err)
}
}