isabella/minisandbox
1
0
Fork 0
Code Activity
No description
8 commits 1 branch 0 tags 50 KiB
  • Shell 85.2%
  • Nix 14.8%
Find a file
Exact
Isabella Bastaja 01fba51c43 wip run mounts inside of unshared context 
the chroot doesn't work yet, I'm not sure why. also maybe I should split
the child script off into it's own file.
2026-04-01 21:54:14 +02:00
.gitignore create second iteration: granular nix binds 2026-03-29 15:37:17 +02:00
01-naive.sh hello, world :3 2026-03-28 11:12:38 +01:00
02-granular-nix-binds.sh create second iteration: granular nix binds 2026-03-29 15:37:17 +02:00
03-unshare.sh wip run mounts inside of unshared context 2026-04-01 21:54:14 +02:00
flake.lock init nix flake and devshell 2026-03-29 15:51:40 +02:00
flake.nix init nix flake and devshell 2026-03-29 15:51:40 +02:00
LICENSE hello, world :3 2026-03-28 11:12:38 +01:00
literature.md clear up literature section names 2026-03-31 21:52:14 +02:00
README.md Add note about contact info in README 2026-03-28 11:26:20 +01:00

README.md

minisandbox

This is a learning project for learning how Linux's sandboxing/security mechanisms work and trying out whether I can combine them with Nix's derivation model. Fair warning that I don't exactly know what I'm doing, so you should not rely on any code in this repo for security.

I am keeping track of which resources I've explored (or just visited) while creating this. You can check them out in the literature.md file.

Copyright

The code in the repository is shared under the EUPL-1.2 license. See the LICENSE file for the full text.

Issues & contact

Issues and pull requests are disabled in this repository as it is only intended to be a learning space for me (you couldn't create either on this instance anyway due to lack of account). If you want to contact me feel free to send an email to the address on my profile.