16 releases (4 stable)
Version | Released |
---|---|
2.1.0 | Sep 6, 2024 |
1.0.1 | Mar 27, 2024 |
0.8.1 | Nov 8, 2023 |
0.4.0 | Jul 26, 2023 |
priv_sep
`priv_sep` is a library for privilege separation. It is currently designed around `pledge(2)` and `unveil(2)` for OpenBSD, but in the future may contain functionality for Linux's `seccomp(2)`.
Pledge
Calls to `pledge(2)` are done via `Promises::pledge` and `pledge_none`.
Note that since the use of `execpromises` is quite rare, `NULL` is always used for it.
Unveil
Calls to `unveil(2)` are done via `Permissions::unveil` and `unveil_no_more`.
Errors
Any error returned from the underlying system call is propagated via `Error`.
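
The sequence of system calls behind the Pledge, Unveil and Errors sections, as an added example that is not part of the crate or its README: it declares `pledge(2)` and `unveil(2)` directly instead of using `priv_sep`'s API. The helper names `promise_string` and `restrict_to`, the sample path, and the non-OpenBSD stand-ins that always fail are assumptions made for illustration.

```rust
use std::ffi::{CString, NulError};
use std::io;
use std::os::raw::{c_char, c_int};
use std::ptr;

// Prototypes as documented in pledge(2) and unveil(2); linked only on OpenBSD.
// (On edition 2024 this block must be written `unsafe extern "C"`.)
#[cfg(target_os = "openbsd")]
extern "C" {
    fn pledge(promises: *const c_char, execpromises: *const c_char) -> c_int;
    fn unveil(path: *const c_char, permissions: *const c_char) -> c_int;
}
// Stand-ins so the example builds on other systems: every call fails.
#[cfg(not(target_os = "openbsd"))]
unsafe fn pledge(_: *const c_char, _: *const c_char) -> c_int { -1 }
#[cfg(not(target_os = "openbsd"))]
unsafe fn unveil(_: *const c_char, _: *const c_char) -> c_int { -1 }

fn invalid(e: NulError) -> io::Error { io::Error::new(io::ErrorKind::InvalidInput, e) }

// Turns a syscall return value into a Result, propagating errno on OpenBSD.
fn check(ret: c_int) -> io::Result<()> {
    if ret == 0 { Ok(()) }
    else if cfg!(target_os = "openbsd") { Err(io::Error::last_os_error()) }
    else { Err(io::Error::from(io::ErrorKind::Unsupported)) }
}

/// Joins promise names into the space-separated string pledge(2) expects.
pub fn promise_string(promises: &[&str]) -> io::Result<CString> {
    CString::new(promises.join(" ")).map_err(invalid)
}

/// Hypothetical helper: expose one path, lock the unveil list, then pledge.
pub fn restrict_to(path: &str, perms: &str, promises: &[&str]) -> io::Result<()> {
    let path = CString::new(path).map_err(invalid)?;
    let perms = CString::new(perms).map_err(invalid)?;
    let promises = promise_string(promises)?;
    unsafe {
        check(unveil(path.as_ptr(), perms.as_ptr()))?;
        // unveil(NULL, NULL) forbids any further unveil calls.
        check(unveil(ptr::null(), ptr::null()))?;
        // execpromises is NULL, the same choice the README describes.
        check(pledge(promises.as_ptr(), ptr::null()))
    }
}

fn main() {
    // Constructed sample: read-only access to /etc/myapp, then stdio + rpath.
    match restrict_to("/etc/myapp", "r", &["stdio", "rpath"]) {
        Ok(()) => println!("sandboxed"),
        Err(e) => eprintln!("sandbox setup failed: {}", e),
    }
}
```

The calls run in this order because `unveil(2)` is unavailable once the process has pledged without the `unveil` promise.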
License
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0).
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT).
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Status
This package will be actively maintained to stay in sync with the latest version of OpenBSD; as a result, the crate is only tested on the `x86_64-unknown-openbsd` target. While OpenBSD supports both the most recent -release/-stable release as well as the previous version, only the most recent version will be supported by this library. If using -stable, it may be necessary to build the `rust` port from -current.