Update changelog and todo

boustrophedon · Apr 4, 2024 · 3e447de · 3e447de
1 parent f6e0045
commit 3e447de
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 31 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
-unreleased
-----------
+0.5.0
+-----
+- Add `Isolate` feature for using unprivileged namespaces
+  - Use `Isolate::run` inside your normal code to start the isolate
+  - Use `Isolate::main_hook` at the beginning of main to actually run the isolate upon re-exec
+  - This feature significantly drops code coverage because llvm-cov can't write
+    out coverage data from within an isolate. The code is still being covered
+    by tests in `examples/isolate_test.rs`.
 - Add default implementation for `RuleSet::conditional_rules`
 - impl RuleSet for `syscalls::Sysno` for easier ad-hoc rulesets
 - Use generics instead of impl Trait in public functions to allow turbofish usage

diff --git a/todo.txt b/todo.txt
@@ -1,34 +1,6 @@
 # New functionality
 
-## Other "sandboxing" features
-https://chromium.googlesource.com/chromium/src.git/+/HEAD/docs/linux/sandboxing.md#User-namespaces-sandbox
-
-User namespaces option? Something like:
-
-rust
-```
-SafetyContext::new()
-.isolate_process()
-``` 
-
-using unshare maybe? https://docs.kernel.org/userspace-api/unshare.html unshare is a bit tricky because e.g. newpid doesn't actually unshare the current thread, only its children. so maybe it would be better with a wrapper around creating a thread like ctx.run below.
-
-Maybe even a macro similar to tokio::main? is something like 
-
-```
-fn my_context() -> SafetyContext {
-}
-
-#[extrasafe::main(my_context)]
-fn main() {
-	foo();
-	//...
-}
-```
-
-possible? it should ideally also work transparently with tokio::main as well as long as you put it first
-
-see also https://blog.lizzie.io/linux-containers-in-500-loc.html
+Linux capabilities for dropping privs inside Isolates
 
 ## custom landlock configurations?
 more than just file read/write path create/list/delete
@@ -40,6 +12,8 @@ Something either like "Network::everything()" (rather than Network::nothing etc)
 
 # Nice to haves
 
+- better way to run isolates in tests
+
 - convenience function to enable ssl cert directories with landlock
 - convenience function to enable dns files/directories with landlock
   - update examples to use them