RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-16 01:34:58 +00:00
Code Issues Activity Actions
serenity/Base/usr/share/man/man1/unveil.md
Liav A 8e16588757 Utilities+Base: Add unveil utility 
This utility essentially creates a filesystem sandbox for a specified
command, so it can be tested with only the unveiled paths the user
specifies beforehand.
2022-11-26 12:42:15 -07:00

704 B
Raw Blame History

Name

unveil - unveil certain paths when running a command

Synopsis

$ unveil [--path] [command...]

Description

Run a command under certain path restrictions by using unveil(2).

Options

  • -u, --path: Unveil a path, with the format of permissions,path

Examples

Run ls -la /sys/kernel with restricted access to certain paths:

$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ls -la /sys/kernel

Run ps -ef with restricted access to certain paths:

$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ps -ef