Commit Briefs
fix loose object file header parser for zero-length headers
ok millert tracey
fix landlock usage: handled_access_fs must list all actions
The ruleset's handled_access_fs has to list all the defined actions because otherwise missing ones are implicitly permitted. Thus, the previous version ended up allowing "almost everything" except reading files. Original diff from Mickaël Salaün, thanks! ok thomas
s/ENOTSUP/EOPNOTSUPP/
linux defines these errors to the same values, but the landlock doc uses `EOPNOTSUPP' consistently. Spotted initially by brynet@ and reminded by Mickaël Salaün, thanks! ok thomas
portable: add support for landlock
landlock is a new set of linux APIs that is conceptually similar to unveil(2): the idea is to restrict what a process can do on a specified part of the filesystem. There are some differences in the behaviour: the major one being that the landlock ruleset is inherited across execve(2). This just restricts the libexec helpers by completely revoking ANY filesystem access; after all they are the biggest attack surface. got send/fetch/clone *may* end up spawning ssh(1), so at the moment is not possible to landlock the main process. From Omar Polo.
fix 'got status' reporting all directories on NFS mounts as unversioned
Problem found and fix tested by Ted Bullock. ok millert, naddy
Release 0.66 (tags/0.66)
fix file corruption regression in 'got checkout' caused by commit db696021
got-read-pack must rewind its files temporary files before reusing them. Problem reported by naddy ok tracey naddy