Skip to content

Executes programs as sealed anonymous files on Linux

License

Notifications You must be signed in to change notification settings

brozkrut/pentacle

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

pentacle

pentacle is a library for executing programs as sealed anonymous files on Linux, using memfd_create(2).

This is useful for executing programs that execute untrusted programs with root permissions, or ensuring a cryptographically-verified program is not tampered with after verification but before execution.

This library is based on runc's cloned_binary.c.

About

Executes programs as sealed anonymous files on Linux

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Rust 100.0%