almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-29 02:12:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
dangerzone/dangerzone
History
Alex Pyrgiotis e1e63d14f8
container: Set container_engine_t SELinux label 
Set the `container_engine_t` SELinux on the **outer** Podman container,
so that gVisor does not break on systems where SELinux is enforcing.
This label is provided for container engines running within a container,
which fits our `runsc` within `crun` situation.

We have considered using the more permissive `label=disable` option, to
disable SELinux labels altogether, but we want to take advantage of as
many SELinux protections as we can, even for the **outer** container.

Fixes #880
2024-07-26 16:34:19 +03:00
..
conversion Use TESSDATA_PREFIX if explicitly passed 2024-06-12 13:40:03 +03:00
gui Add drag and drop support for document selection 2024-06-27 11:51:41 +02:00
gvisor_wrapper Sandbox all Dangerzone document processing within gVisor. 2024-06-12 13:40:04 +03:00
isolation_provider container: Set container_engine_t SELinux label 2024-07-26 16:34:19 +03:00
__init__.py chore(imports): remove useless imports 2024-06-05 14:19:30 +02:00
args.py Always use sys.exit when exiting the application 2024-05-09 15:57:42 +03:00
cli.py chore: remove unused code 2024-06-05 14:19:31 +02:00
document.py chore(imports): remove useless imports 2024-06-05 14:19:30 +02:00
errors.py chore: minor linting 2024-06-05 14:19:31 +02:00
logic.py chore: remove unused code 2024-06-05 14:19:31 +02:00
settings.py fix: do not catch bare exceptions 2024-06-05 14:19:31 +02:00
util.py refactor: use pathlib / separator rather than .joinpath 2024-06-05 14:19:31 +02:00