Skip to content

Secure Linux file system operations scoped to an arbitrary root directory, without chroot

License

Notifications You must be signed in to change notification settings

orbstack/securefs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

securefs

Go library for secure file system operations scoped to an arbitrary root directory on Linux, without chroot, mount namespaces, or other privileged features.

This uses the Linux-specific openat2 syscall with RESOLVE_IN_ROOT to prevent symlink escapes and race conditions. Other solutions like securejoin are subject to race conditions.

Unlike O_NOFOLLOW, this supports all file system operations and works with symlinks (as long as they don't escape the specified root directory).

About

Secure Linux file system operations scoped to an arbitrary root directory, without chroot

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages