byn 0.3.1

Changelog

• 34877c7: Fix privsep setup and daemon runtime; portal auth rework WIP (@sandeepbaynes)
• 63e3422: Merge pull request #12 from sandeepbaynes/fix-docs-section-separators (@sandeepbaynes)
• 890dcd2: Merge pull request #13 from sandeepbaynes/fix-footer-releases (@sandeepbaynes)
• a7fb091: Merge pull request #14 from sandeepbaynes/privsep-rework (@sandeepbaynes)
• 164b54c: Merge pull request #16 from sandeepbaynes/release-v0.3.1 (@sandeepbaynes)
• 63c1576: cli: store session tokens in an owner-writable dir under privsep (@sandeepbaynes)
• 0ded5a0: daemon: capture + seal the exec capability at trust grant (S2c-3) (@sandeepbaynes)
• a812bbd: daemon: correct readBynFile/stat comments for the privsep model (@sandeepbaynes)
• 45723b1: daemon: exec surfaces the TCC/FDA cause instead of "untrusted" (@sandeepbaynes)
• 8805bb4: daemon: trusted exec runs autonomously via the capability (S3) (@sandeepbaynes)
• ddacb75: docs site: footer version + releases links, and a release-notes page (@sandeepbaynes)
• bdec350: exec: auto-grant _byn-exec access to tool-state dirs (@sandeepbaynes)
• 8b92966: exec: terminal-anchored privsep spawn + debug modes (@sandeepbaynes)
• 599b444: macos: actionable TCC error + Full Disk Access guidance in setup (@sandeepbaynes)
• d49bb81: macos: surface TCC/FDA fix + free code-signing across error, help, man, docs (@sandeepbaynes)
• 2b1e6fc: privsep: add GrantBynReadACL — owner grants _byn read on a .byn (@sandeepbaynes)
• 873dde4: privsep: non-recursive _byn-exec project ACL (S4) (@sandeepbaynes)
• d65abcb: privsep: pass the Seatbelt profile inline (-p), not via a temp file (macOS) (@sandeepbaynes)
• 4eb2ee8: privsep: sandbox the target AFTER the setuid drop, not before (macOS) (@sandeepbaynes)
• 982e19c: privsep: traverse all ancestors for _byn-exec too; keep shared on revoke (@sandeepbaynes)
• 7ee8209: trust: add ExecCapability to the record, MAC-bound (S2c-1) (@sandeepbaynes)
• 4b233ba: trust: don't run the recursive exec ACL at trust time (hang fix) (@sandeepbaynes)
• fe4cd5d: trust: fix privsep gating + traverse all ancestors for daemon read (@sandeepbaynes)
• a09138a: trust: owner CLI grants daemon read ACL before granting trust (@sandeepbaynes)
• 6d0fbea: trust: re-wire the (non-recursive) _byn-exec project ACL into grant (@sandeepbaynes)
• 6953631: vault/crypto: add DeriveRowKey — per-row encryption keys (S1a) (@sandeepbaynes)
• 815b7e0: vault/crypto: capability seal/open under a machine-fingerprint K_cap (S2a) (@sandeepbaynes)
• 4abcf5f: vault: CaptureRowKeys — collect a .byn's row keys + migrate to v2 (S2b) (@sandeepbaynes)
• 01fa943: vault: OpenEnvVarWithRowKey — autonomous decrypt with a capability key (S2c-2) (@sandeepbaynes)
• fc010fd: vault: seal entries with per-row keys; read v1+v2 (S1b) (@sandeepbaynes)