landdown - Simple sandboxing for shell scripts

40 points by mccd


donio

Nice simple tool. I like that it doesn't require CGO and libc so it should be easy to run in bare environments.

Reading the code, I learned about libpsx:

"kernel.org/pub/linux/libs/security/libcap/psx", provides an API for invoking system calls in a way that each system call is mirrored on all OS threads of the combined Go/CGo runtime.

https://sites.google.com/site/fullycapable/who-ordered-libpsx
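
The problem the quoted psx documentation is solving can be shown without psx itself. The following is an added example, not code from the thread, from libpsx, or from the tool under discussion: it uses only the Go standard library (Linux only, reads /proc/thread-self/status) to issue prctl(PR_SET_NO_NEW_PRIVS) from one locked OS thread with the plain syscall wrapper, then shows that a second, independently locked thread still carries its previous value, because the kernel keeps no_new_privs (like seccomp filters and Landlock restrictions) per thread rather than per process. Replacing the plain `syscall.Syscall6` with `psx.Syscall6` is what makes the call land on every thread of the runtime; the names `Demo`, `ThreadResult`, `noNewPrivsOfThisThread` and `setNoNewPrivsThisThread` are this example's own.

```go
// Added example (not from the thread, libpsx, or the tool discussed): shows
// the per-thread semantics that make libpsx necessary. Linux only.
package main

import (
	"bytes"
	"fmt"
	"os"
	"runtime"
	"strings"
	"syscall"
)

const prSetNoNewPrivs = 38 // PR_SET_NO_NEW_PRIVS from <linux/prctl.h>

// noNewPrivsOfThisThread reads the calling OS thread's NoNewPrivs field
// ("NoNewPrivs:\t1") from /proc/thread-self/status (Linux >= 4.10).
func noNewPrivsOfThisThread() (int, error) {
	data, err := os.ReadFile("/proc/thread-self/status")
	if err != nil {
		return 0, err
	}
	for _, line := range bytes.Split(data, []byte("\n")) {
		if bytes.HasPrefix(line, []byte("NoNewPrivs:")) {
			if strings.TrimSpace(string(line[len("NoNewPrivs:"):])) == "1" {
				return 1, nil
			}
			return 0, nil
		}
	}
	return 0, fmt.Errorf("NoNewPrivs field not found in /proc/thread-self/status")
}

// setNoNewPrivsThisThread issues prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)
// with the plain Go wrapper, which reaches exactly one OS thread.
// (psx.Syscall6 with the same arguments would mirror it to all threads.)
func setNoNewPrivsThisThread() error {
	_, _, errno := syscall.Syscall6(syscall.SYS_PRCTL, prSetNoNewPrivs, 1, 0, 0, 0, 0)
	if errno != 0 {
		return errno
	}
	return nil
}

type threadReading struct {
	value int
	err   error
}

// ThreadResult holds the flag as observed by two distinct OS threads:
// the bystander before and after, and the setter after its own prctl.
type ThreadResult struct {
	Before, Setter, Other int
}

// Demo locks two goroutines onto two OS threads (two simultaneously locked
// goroutines cannot share a thread), sets the flag from one of them, and
// reports what each thread sees. Both goroutines exit while still locked, so
// the runtime discards their threads instead of reusing a half-sandboxed one.
func Demo() (ThreadResult, error) {
	var res ThreadResult
	bBaseline := make(chan threadReading, 1)
	bAfter := make(chan threadReading, 1)
	aResult := make(chan threadReading, 1)
	release := make(chan struct{})

	go func() { // thread B, the bystander: created before the prctl, so inherits nothing
		runtime.LockOSThread()
		v, err := noNewPrivsOfThisThread()
		bBaseline <- threadReading{v, err}
		if err != nil {
			return
		}
		<-release
		v, err = noNewPrivsOfThisThread()
		bAfter <- threadReading{v, err}
	}()
	r := <-bBaseline
	if r.err != nil {
		return res, r.err
	}
	res.Before = r.value

	go func() { // thread A, the setter: flips the flag on itself only
		runtime.LockOSThread()
		err := setNoNewPrivsThisThread()
		v := 0
		if err == nil {
			v, err = noNewPrivsOfThisThread()
		}
		aResult <- threadReading{v, err}
	}()
	r = <-aResult
	close(release) // let B re-read whether or not A succeeded
	if r.err != nil {
		return res, r.err
	}
	res.Setter = r.value

	r = <-bAfter
	if r.err != nil {
		return res, r.err
	}
	res.Other = r.value
	return res, nil
}

func main() {
	res, err := Demo()
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	fmt.Printf("bystander before=%d setter after prctl=%d bystander after=%d\n",
		res.Before, res.Setter, res.Other)
}
```

On a normal shell the output is `bystander before=0 setter after prctl=1 bystander after=0`: the setter is locked down, the bystander is not, and any thread the runtime spawns later from the bystander inherits the unrestricted state. If the process already runs with no_new_privs (for example under a container runtime that sets it), both bystander readings are 1 and the example proves nothing, which is why the check below compares the bystander against its own baseline rather than against 0.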

kas

ArchLinux users can now install this directly from AUR: