Add Eio_unix.Cap module to enable Capsicum mode #697
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SGrondin
approved these changes
Feb 25, 2024
talex5
added a commit
to talex5/opam-repository
that referenced
this pull request
Mar 10, 2024
CHANGES: New features: - Add `Eio_unix.Cap` module to enable Capsicum mode (@talex5 ocaml-multicore/eio#697, reviewed by @SGrondin). - eio_linux: expose more functions in the `Low_level` module (@talex5 ocaml-multicore/eio#705, reviewed by @SGrondin). Add all the functions used by other parts of eio_linux (`openat`, `mkdir`, `read_link`, `unlink`, `rename` and `pipe`). Tidied the API up a bit too: - `mkdir_beneath` is now just `mkdir`. - `statx_confined` is now just `statx`. - `open_dir` is gone; the single user now calls `openat` directly. Documentation: - Add README documentation for `Eio.Executor_pool` (@SGrondin @talex5 ocaml-multicore/eio#707, reviewed by @Sudha247). - eio_linux: remove logging (@talex5 ocaml-multicore/eio#708, requested by @clecat). There were only two remaining uses of Logs, neither of which has proved useful. Build: - Add upper-bound on MDX (@talex5 ocaml-multicore/eio#706). The new version attempts to execute included blocks. - Fix tests to pass with both old and new Kcas (@polytypic ocaml-multicore/eio#704). - Make posix `open_beneath` test idempotent (@SGrondin ocaml-multicore/eio#703). - Executor_pool: mention requested weight in error message (@talex5 ocaml-multicore/eio#702, reported by @yawaramin).
talex5
added a commit
to talex5/opam-repository
that referenced
this pull request
Mar 10, 2024
CHANGES: New features: - Add `Eio_unix.Cap` module to enable Capsicum mode (@talex5 ocaml-multicore/eio#697, reviewed by @SGrondin). - eio_linux: expose more functions in the `Low_level` module (@talex5 ocaml-multicore/eio#705, reviewed by @SGrondin). Add all the functions used by other parts of eio_linux (`openat`, `mkdir`, `read_link`, `unlink`, `rename` and `pipe`). Tidied the API up a bit too: - `mkdir_beneath` is now just `mkdir`. - `statx_confined` is now just `statx`. - `open_dir` is gone; the single user now calls `openat` directly. Documentation: - Add README documentation for `Eio.Executor_pool` (@SGrondin @talex5 ocaml-multicore/eio#707, reviewed by @Sudha247). - eio_linux: remove logging (@talex5 ocaml-multicore/eio#708, requested by @clecat). There were only two remaining uses of Logs, neither of which has proved useful. Build: - Add upper-bound on MDX (@talex5 ocaml-multicore/eio#706). The new version attempts to execute included blocks. - Fix tests to pass with both old and new Kcas (@polytypic ocaml-multicore/eio#704). - Make posix `open_beneath` test idempotent (@SGrondin ocaml-multicore/eio#703). - Executor_pool: mention requested weight in error message (@talex5 ocaml-multicore/eio#702, reported by @yawaramin).
talex5
added a commit
to talex5/opam-repository
that referenced
this pull request
Mar 10, 2024
CHANGES: New features: - Add `Eio_unix.Cap` module to enable Capsicum mode (@talex5 ocaml-multicore/eio#697, reviewed by @SGrondin). - eio_linux: expose more functions in the `Low_level` module (@talex5 ocaml-multicore/eio#705, reviewed by @SGrondin). Add all the functions used by other parts of eio_linux (`openat`, `mkdir`, `read_link`, `unlink`, `rename` and `pipe`). Tidied the API up a bit too: - `mkdir_beneath` is now just `mkdir`. - `statx_confined` is now just `statx`. - `open_dir` is gone; the single user now calls `openat` directly. Documentation: - Add README documentation for `Eio.Executor_pool` (@SGrondin @talex5 ocaml-multicore/eio#707, reviewed by @Sudha247). - eio_linux: remove logging (@talex5 ocaml-multicore/eio#708, requested by @clecat). There were only two remaining uses of Logs, neither of which has proved useful. Build: - Add upper-bound on MDX (@talex5 ocaml-multicore/eio#706). The new version attempts to execute included blocks. - Fix tests to pass with both old and new Kcas (@polytypic ocaml-multicore/eio#704). - Make posix `open_beneath` test idempotent (@SGrondin ocaml-multicore/eio#703). - Executor_pool: mention requested weight in error message (@talex5 ocaml-multicore/eio#702, reported by @yawaramin).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I think this might be useful to show how Eio can work with the OS's security features.