forked from Minki/linux
ba84b0bf5a
Add a basic sandbox tool to launch a command which can only access a list of file hierarchies in a read-only or read-write way. Cc: James Morris <jmorris@namei.org> Cc: Serge E. Hallyn <serge@hallyn.com> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com> Reviewed-by: Jann Horn <jannh@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20210422154123.13086-12-mic@digikod.net Signed-off-by: James Morris <jamorris@linux.microsoft.com>
14 lines
217 B
Makefile
14 lines
217 B
Makefile
# SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
userprogs-always-y := sandboxer
|
|
|
|
userccflags += -I usr/include
|
|
|
|
.PHONY: all clean
|
|
|
|
all:
|
|
$(MAKE) -C ../.. samples/landlock/
|
|
|
|
clean:
|
|
$(MAKE) -C ../.. M=samples/landlock/ clean
|