zerobox 0.2.2

Sandbox any command with file, network, and credential controls.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

{
  "$schema": "./schema.json",
  "description": "Deny access to credentials, tokens, and cloud keys.",
  "deny_read": [
    "$HOME/.ssh",
    "$HOME/.gnupg",
    "$HOME/.aws",
    "$HOME/.azure",
    "$HOME/.config/gcloud",
    "$HOME/.gcloud",
    "$HOME/.kube",
    "$HOME/.docker",
    "$HOME/.git-credentials",
    "$HOME/.netrc",
    "$HOME/.npmrc",
    "$HOME/.vault-token",
    "$HOME/.credentials",
    "$HOME/.secrets",
    "$HOME/.keys",
    "$HOME/.pki",
    "$HOME/.terraform.d",
    "$HOME/.config/op"
  ],
  "deny_write": [
    "$HOME/.ssh",
    "$HOME/.gnupg",
    "$HOME/.aws",
    "$HOME/.azure",
    "$HOME/.config/gcloud",
    "$HOME/.gcloud",
    "$HOME/.kube",
    "$HOME/.docker",
    "$HOME/.git-credentials",
    "$HOME/.netrc",
    "$HOME/.npmrc",
    "$HOME/.vault-token",
    "$HOME/.credentials",
    "$HOME/.secrets",
    "$HOME/.keys",
    "$HOME/.pki",
    "$HOME/.terraform.d",
    "$HOME/.config/op"
  ]
}