Dominyk Tiller
98499d1d29
sandbox: permit /var/tmp & DerivedData
...
Long term it would be nice to sandbox everything that writes to DerivedData
but it is essentially a cache directory of sorts.
The downside of allowing stuff to write there particularly is that DerivedData
is notoriously bad at getting cleaned up, so if you do a lot of Xcode-using
installations very quickly, you can chew your disk space up.
Closes Homebrew/homebrew#43276 .
Signed-off-by: Dominyk Tiller <dominyktiller@gmail.com>
2015-08-25 22:01:24 +01:00
Xu Cheng
b121e5fd7b
more core file style updated by rubocop
2015-08-06 17:23:56 +08:00
BrewTestBot
13d544e11e
Core files style updates.
...
Closes Homebrew/homebrew#42354 .
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
2015-08-03 13:22:35 +01:00
Xu Cheng
2ebd1c974b
print sandbox message
...
Closes Homebrew/homebrew#42293 .
Signed-off-by: Xu Cheng <xucheng@me.com>
2015-07-31 19:52:36 +08:00
Xu Cheng
8cebb64eec
auto disable sandbox for interactive shell
...
Closes Homebrew/homebrew#38792 .
Signed-off-by: Xu Cheng <xucheng@me.com>
2015-07-22 15:12:15 +08:00
Xu Cheng
64c0927087
sandbox: fix the rules
...
1. `script` (used to fake the tty) requires write access to /dev/ptmx
and /dev/ttys*
2. sandbox profile only accepts `[0-9]` instead of `\d`.
2015-05-10 17:39:53 +08:00
Jack Nagel
16dfe3dd40
Add Formula#logs
2015-04-25 23:14:05 -04:00
Xu Cheng
fbc47d86ad
sandbox: add deny_write_homebrew_library method
2015-04-23 12:33:54 +08:00
Xu Cheng
adedbb86f1
sandbox: record log
...
Closes Homebrew/homebrew#38711 .
Signed-off-by: Xu Cheng <xucheng@me.com>
2015-04-17 14:09:24 +08:00
Xu Cheng
a6be0b5bb8
sandbox: redesign API
2015-04-15 19:51:54 +08:00
Xu Cheng
2f529220e7
preliminary write control only sandbox
...
Closes Homebrew/homebrew#38361 .
Signed-off-by: Xu Cheng <xucheng@me.com>
2015-04-09 17:42:54 +08:00
