pandora_box 0.18.0

Syd's log inspector & profile writer
# ChangeLog

# 0.18.0

- Use [`simple-dns`](https://crates.io/crates/simple-dns) to resolve DNS
  by default. Add `system-dns` option to fall back to
  [`dns-lookup`](https://crates.io/crates/dns-lookup), which uses libc.
  The features are mutually exclusive, so to specify the `system-dns`
  feature, the user should also pass `--no-default-features`.

# 0.17.0

- Improve _ioctl_(2) parsing.
- Add support for Filesystem sandboxing which is new in Syd-3.47.0.
- Improve I/O to handle `EAGAIN` and `EINTR` gracefully.

# 0.16.1

- Upgrade [`crc`](https://crates.io/crates/tempfile) crate from `3.3` to
  `3.4`.
- Upgrade [`tempfile`](https://crates.io/crates/tempfile) crate from
  version `3.22` to `3.23`.

# 0.16.0

- Add support for the new category and category sets in Syd-3.39.0.
- Upgrade [`tempfile`](https://crates.io/crates/tempfile) crate from
  version `3.21` to `3.22`.
- Switch from [`serde`](https://crates.io/crates/serde) crate to
  [`serde_core`](https://crates.io/crates/serde-core) crate to
  reduce compile times.

# 0.15.0

- Update device creation categories to include the new `mkbdev` and
  `mkcdev` in Syd-3.38.0.
- Warn about JSON parsing errors if the environment variable
  `PANDORA_DEBUG` is set.
- Add support for [aliases](https://man.exherbo.org/syd.2.html#ALIASES)
  new in Syd-3.38.0.
- Add support for writing rules with _ioctl_(2) request names.
  This allows for portable, readable profiles and requires
  Syd-3.38.0 or later.

# 0.14.4

- Upgrade `console` crate from `0.15` to `0.16`.
- Upgrade `indicatif` crate from `0.17` to `0.18`.
- Upgrade `md5` crate from `0.7` to `0.8`.
- Replace `hex-conservative` crate with the `data-encoding` crate. The
  former removed hex encoding in its latest major version in an effort
  to stabilize the crate, so we can no longer use it. Moreover, the
  latter allows us to do permissive hex decoding when parsing is done
  case-insensitively.

# 0.14.3

- Avoid using `codegen-units=1` for release builds.
- Use `thin` LTO rather than `fat` LTO for release builds.

# 0.14.2

- Upgrade `tempfile` crate from `3.13` to `3.20`.
- Upgrade `num_cpus` crate from `1.16` to `1.17`.
- Upgrade `btoi` crate from `0.4` to `0.5`.
- Upgrade `crc` crate from `3.2` to `3.3`.
- Upgrade `nix` crate from `0.29` to `0.30`.
- Fix build issue on aarch64 (thx omni!)

# 0.14.1

- Add support for the new `rmdir` sandbox category in Syd-3.33.0.
- Set the environment variable `SYD_QUIET_TTY` to make
  Syd print logs in line-oriented JSON format. Previously,
  this was implied by the option `log/verbose:0` in the
  `trace` profile which is no longer the case since
  Syd-3.32.4.

# 0.14.0

- Sort _ioctl_(2) requests before printing them to the profile.
- Add support to turn UNIX socket paths into globs.
- Add support to confine `!unnamed` dummy path for UNIX unnamed sockets
  for the `net/bind` and `net/connect` sandboxing categories.
- Add support for the `@` prefix for UNIX abstract sockets which is new
  in Syd-3.32.0.

# 0.13.0

- Rewrite option parsing to use the `lexopt` crate rather than `argv`
  and `getargs` crates. Make option parsing [POSIXly
  correct](https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap12.html#tag_12_02).
- Add support for new sandbox categories in Syd-3.31.0.

# 0.12.1

- Add support to learn _ioctl_(2) requests.
- Stop using the `dns-lookup` crate and call libc _getnameinfo_(3)
  directly.

# 0.12.0

- Fix passing extra options to Syd.
- Fix static linking.
- Stop using the `built` crate which depends on `libgit2-sys`.
- Replace the `clap` crate with `getargs` crate for option parsing.
- Send the signal `SIGKILL` on timeout rather than `SIGTERM`.
- Avoid locking the sandbox in generated profiles.

# 0.12.0-beta.3

- Fix _syslog_(2) handling to do non-destructive reads.
- Upgrade `hex-conservative` crate dependency from `0.2` to `0.3`.

# 0.12.0-beta.2

- Fix _syslog_(2) handling.

# 0.12.0-beta.1

- Replace `parking_lot` crate with stdlib locks.
- The special input argument `syslog` may now be passed to
  `pandora inspect --input` to read access violations from
  _syslog_(2). This allows easy access to the _syslog_(2)
  emulation new in Syd-3.30.0.
- Do checksum calculation in parallel.
- Support choosing alternative algorithms to use for executable
  verification with the new `-h` option. The default remains the most
  secure, SHA3-512.
- Be permissive in JSON parsing: Lines with invalid JSON are now skipped
  and pandora strips all characters until the first `{` from input lines
  before attempting to parse them as JSON.
- Add support for [`Chdir
  Sandboxing`](http://man.exherbo.org/syd.7.html#Chdir_Sandboxing),
  [`Readdir
  Sandboxing`](http://man.exherbo.org/syd.7.html#Readdir_Sandboxing),
  [`Rename
  Sandboxing`](http://man.exherbo.org/syd.7.html#Create/Delete/Truncate/Rename/Link_Sandboxing),
  and [`Link
  Sandboxing`](http://man.exherbo.org/syd.7.html#Create/Delete/Truncate/Rename/Link_Sandboxing)
  new in Syd-3.30.0.

# 0.11.1

- Stop using the `pandora` profile which is a no-op with the `trace`
  profile already applied.

# 0.11.0

- Change project license from `GPL-3.0-or-later` to `GPL-3.0`.
- Add support for Create/Delete, Node, Attr, Chown/Chgrp, Tmpfile, and
  Net/Send sandboxing types new in Syd-3.28.0.
- Print progress during checksum generation.
- Sync with logging changes in Syd-3.28.0.
- Remove humantime and time crates from dependencies.
- Replace const-hex crate with hex-conservative crate.

# 0.10.3

- Fix panic when allowlisting UNIX abstract/domain sockets.

# 0.10.2

- Perform reverse DNS lookup on IPs and add hostnames as comments
  to the auto-generated profile.
- Add efficient handling of `/proc/pid/ns/` paths.
- Implement grouping of sandboxing rules together by sandboxing type.

# 0.10.1

- Make various formatting improvements to the auto-generated profile.
- Reduce --limit default from 7 to 3 for practicality.
- Enumerate dynamic libraries for Exec sandboxing.

# 0.10.0

- Add support for calculating the checksums of dynamically linked
  libraries.
- Add support for Ioctl sandboxing of Syd-3.23.0.
- Replace hex crate with const-hex crate.

# 0.9.0

- Add support for writing Integrity Force rules. The user should
  turn force sandboxing on manually for this to work, e.g.:
  `pandora profile -msandbox/force:on -- true`

## 0.8.4

- Improve documentation.

## 0.8.3

- Add `--timeout` option to `profile` subcommand to limit process
  runtime with a duration. The option takes human-formatted time as
  argument.
- Block SIGINT when profiling so interrupting the underlying process
  does not interrupt profile generation.

## 0.8.2..

See git history