core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
core-agent-ide/codex-rs/linux-sandbox/src
History
viyatb-oai 8896ca0ee6
fix(linux-sandbox): block io_uring syscalls in no-network seccomp policy (#10814) 
## Summary

- Add seccomp deny rules for `io_uring` syscalls in the Linux sandbox
network policy.
- Specifically deny:
  - `SYS_io_uring_setup`
  - `SYS_io_uring_enter`
  - `SYS_io_uring_register`
2026-02-06 11:00:54 -08:00
..
bwrap.rs feat(linux-sandbox): add bwrap support (#9938) 2026-02-04 11:13:17 -08:00
landlock.rs fix(linux-sandbox): block io_uring syscalls in no-network seccomp policy (#10814) 2026-02-06 11:00:54 -08:00
lib.rs feat(linux-sandbox): vendor bubblewrap and wire it with FFI (#10413) 2026-02-02 23:33:46 -08:00
linux_run_main.rs feat(linux-sandbox): add bwrap support (#9938) 2026-02-04 11:13:17 -08:00
main.rs fix: overhaul how we spawn commands under seccomp/landlock on Linux (#1086) 2025-05-23 11:37:07 -07:00
vendored_bwrap.rs feat(linux-sandbox): add bwrap support (#9938) 2026-02-04 11:13:17 -08:00