File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 11# Changelog
22
33
4+ ## [ 0.2.29] - Unreleased
5+
6+ Preliminary support for security sandboxing our application code and our helper applications on
7+ Linux, using the Landlock loadable security module. If the ` sandbox ` feature is enabled at build
8+ time (only available on Linux) and the functionality is enabled using the new ` --sandbox `
9+ commandline option, restrict access to the filesystem, limit write access to directories that we
10+ will need to write to, limit exec access to directories where our helper applications and their
11+ runtime libraries are located, and limit read access to directories that the application or helper
12+ applications may need to read. This feature also somewhat restricts network access, preventing
13+ binding to a TCP port.
14+
15+ The release builds for Linux include this feature, as does the prebuilt Docker container.
16+
17+
418## [ 0.2.28] - 2025-11-23
519
620- Following changes in the tracing crate that disable ANSI terminal escape sequences for security
You can’t perform that action at this time.
0 commit comments