Commit Graph

  • 26358a57da Add more tools to claude profile's allowedTools master mrtoth 2026-05-02 02:39:06 +02:00
  • 38f09ac461 Remove non-functional pattern from claude allowedTools, add working one mrtoth 2026-04-30 16:54:12 +02:00
  • 1165aea9aa Stop overriding the sandbox hostname mrtoth 2026-04-27 21:08:05 +02:00
  • 105eafef2e Move codex home mrtoth 2026-04-27 09:32:39 +02:00
  • af731a107f Add pi agent profile mrtoth 2026-04-27 08:38:15 +02:00
  • 6e81866226 Default to whitelist mode and parallelize tests mrtoth 2026-04-27 08:18:41 +02:00
  • c77dbc10c3 Implement profile inheritance mrtoth 2026-04-26 23:51:32 +02:00
  • 7f9b21ef4f Organize test code better mrtoth 2026-04-25 15:10:42 +02:00
  • 0ea83b2af0 Implement extra-config option mrtoth 2026-04-24 19:36:27 +02:00
  • a9f5593f03 Extract claude and codex configs into separate profiles mrtoth 2026-04-24 08:31:37 +02:00
  • 7c9375cd94 Canonicalize blacklist overlay paths to skirt /var/run symlink mrtoth 2026-04-23 18:47:27 +02:00
  • 862feada05 Document hardening, network default, and profile merge rules mrtoth 2026-04-22 23:14:39 +02:00
  • 6933deb441 Document config-example.toml as the canonical deployed config mrtoth 2026-04-22 22:43:46 +02:00
  • 972747a891 Whitelist terminal identity and pager env vars mrtoth 2026-04-22 22:34:01 +02:00
  • 1e9b7735a8 Mount agent-config repo ro in example config mrtoth 2026-04-22 21:51:15 +02:00
  • 305ac9d927 Accept SRC:DST remap syntax in --ro/--rw mrtoth 2026-04-22 21:51:00 +02:00
  • 06bb638737 Document all config options with commented examples mrtoth 2026-04-22 20:47:11 +02:00
  • 494da52fc6 Replace setenv with env list supporting host passthrough mrtoth 2026-04-22 20:47:01 +02:00
  • 76c5be0e72 Fix misinformation in seccomp comments mrtoth 2026-04-13 17:03:38 +02:00
  • 7b7294d94e Follow symlinks when classifying sensitive paths in blacklist mode mrtoth 2026-04-13 16:49:42 +02:00
  • bd1f938f54 Block CLONE_NEWUSER in seccomp argument filter on clone mrtoth 2026-04-13 16:46:15 +02:00
  • 0d0682b04e Replace --new-session with seccomp TIOCSTI/TIOCLINUX filter mrtoth 2026-04-12 15:58:50 +02:00
  • 8f30d28965 Let --rw override --ro on a child path by emitting ro binds first mrtoth 2026-04-12 14:36:07 +02:00
  • 327c2933e7 Add README note about ubuntu apparmor woes with bubblewrap mrtoth 2026-04-08 09:27:40 +02:00
  • 25f0037aab Filter environment variables in both sandbox modes mrtoth 2026-04-08 09:22:11 +02:00
  • 12644ae31e Apply a seccomp-BPF syscall allowlist by default mrtoth 2026-04-08 08:34:34 +02:00
  • 5f3b139457 Drop redundant trim() before split_whitespace() mrtoth 2026-04-08 00:23:15 +02:00
  • 8010e9102e Allow disabling boolean flags from the CLI mrtoth 2026-04-08 00:22:50 +02:00
  • 17f0e84005 Allow setting entrypoint from CLI mrtoth 2026-04-07 18:02:03 +02:00
  • 83bd4305c7 Bind symlinked rw/ro paths at the user-written destination mrtoth 2026-04-07 17:45:38 +02:00
  • f0711f2894 Ship an example config file mrtoth 2026-04-07 15:10:10 +02:00
  • cab0eb74d7 Error out if no entrypoint or command is passed (drop claude default) mrtoth 2026-04-04 10:19:58 +02:00
  • 062ddab5f8 Add entrypoint option mrtoth 2026-04-04 10:16:57 +02:00
  • 8ecba5d6dc Add option to pass through arguments to bwrap, use shlex for dry-run mrtoth 2026-04-04 08:41:40 +02:00
  • 8958f79ece Document and expand test coverage of config file feature mrtoth 2026-04-04 07:46:28 +02:00
  • db60fb9ddb Reject unknown config keys mrtoth 2026-04-01 23:51:47 +02:00
  • c7c4c673cb Add mask option to hide paths/files from sandbox mrtoth 2026-04-01 23:19:08 +02:00
  • 0119834d5a Implement config file parsing and precedence with CLI mrtoth 2026-03-31 01:22:08 +02:00
  • f1d7a14b8d Ensure root filesystem is always read-only inside sandbox mrtoth 2026-03-29 16:50:59 +02:00
  • 389e38a800 Add CLAUDE.md and AGENTS.md with build rules and pitfalls mrtoth 2026-03-25 23:59:37 +01:00
  • 99f9395c10 Move require_run_user to lib.rs and make blacklist module private mrtoth 2026-03-25 23:54:35 +01:00
  • 5fc7eb3c11 Consolidate whitelist mode setup into add_whitelist_mode mrtoth 2026-03-25 23:43:48 +01:00
  • 960b034a80 Run integration tests serially to avoid /tmp race conditions mrtoth 2026-03-25 23:43:26 +01:00
  • b200be9490 Add README with security model documentation mrtoth 2026-03-25 23:13:16 +01:00
  • d79563d948 Add integration test for /dev/input/ being hidden in blacklist mode mrtoth 2026-03-25 23:02:24 +01:00
  • 167439c156 Add fish/nushell history and /tmp leaks to SENSITIVE_PATHS mrtoth 2026-03-25 23:00:52 +01:00
  • 6349709024 Add container, WM, package manager, and database sockets to SENSITIVE_PATHS mrtoth 2026-03-25 22:58:12 +01:00
  • d3f8986b77 Sort dirs before files in resolve_overlays mrtoth 2026-03-25 22:54:56 +01:00
  • 82f84247f1 Rework handling of /run and ${RUNUSER} in blacklist mode mrtoth 2026-03-25 22:48:39 +01:00
  • 0bd91ffad2 Add /sys to whitelist mode mrtoth 2026-03-25 22:22:35 +01:00
  • dccf2309a5 Add --new-session to bwrap invocation mrtoth 2026-03-25 22:15:21 +01:00
  • 9f82ca21ee Add /dev/input/ to SENSITIVE_PATHS for blacklist mode mrtoth 2026-03-25 22:00:32 +01:00
  • ada9da7ae7 Reject empty HOME envvar mrtoth 2026-03-20 21:43:08 +01:00
  • 4112288a30 Ensure passing relative paths to CLI works mrtoth 2026-03-20 21:36:55 +01:00
  • 94535b20d3 Fix blacklist bind mount order mrtoth 2026-03-20 21:02:48 +01:00
  • 826c6d5531 Add ~/.claude.json to agent paths and use --bind-try mrtoth 2026-03-20 20:41:24 +01:00
  • 50dafb4c37 Fix read-only /dev, /proc, /tmp, /var/tmp, /run in blacklist mode mrtoth 2026-03-20 20:40:57 +01:00
  • c8e0d4813a Use --ro-bind-try for system files in whitelist mode mrtoth 2026-03-20 19:29:53 +01:00
  • b4b94856ac Skip run_user overlay when runtime dir is unknown mrtoth 2026-03-20 19:29:43 +01:00
  • 9da043a70e Remove redundant /etc/ssh/* glob entry mrtoth 2026-03-20 19:29:38 +01:00
  • ba885b7dd6 Ensure test file is cleaned up in cwd_is_writable test case mrtoth 2026-03-20 18:52:03 +01:00
  • bf53d92d49 Initial commit mrtoth 2026-03-20 18:40:08 +01:00