~alip/syd

seccomp and landlock based application sandbox with support for namespaces
2efb5c29 — Ali Polatel 3 hours ago
hook: use mdwe_no_inherit on allow_unsafe_memory to enable MDWE for syd process unconditionally
a94aa4d0 — Ali Polatel 3 hours ago
lib,syd: print target persona in -V/--version output
53fd96d4 — Ali Polatel 4 hours ago
cargo fmt

clone

read-only
https://git.sr.ht/~alip/syd
read/write
git@git.sr.ht:~alip/syd

You can also use your local clone with git send-email.

build status repology dependency status

syd

Read the fine manuals of syd, libsyd, gosyd, plsyd, pysyd, rbsyd, syd.el and watch the asciicasts Memory Sandboxing, PID Sandboxing, Network Sandboxing, and Sandboxing Emacs with syd. Join the CTF event at https://ctftime.org/event/2178 and try to read the file /etc/CTF¹ on syd.chesswob.org with ssh user/pass: syd.

Maintained by Ali Polatel. Up-to-date sources can be found at https://git.sr.ht/~alip/syd and bugs/patches can be submitted by email to ~alip/sydbox-devel@lists.sr.ht. Exherbo related bugs/issues can be submitted to https://gitlab.exherbo.org/groups/sydbox/-/issues. Discuss in #sydbox on Libera Chat.

¹: The SHA256 checksum is f1af8d3946546f9d3b1af4fe15f0209b2298166208d51a481cf51ac8c5f4b294.

²: That cat's something I can't explain!