Skip to content
/ forkoff Public

prevent forking of external processes via kafel + neon + node.js

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gcmurphy/forkoff

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

lib

lib

 
 

native

native

 
 

vendor

vendor

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

README.md

README.md

 
 

package.json

package.json

 
 

Repository files navigation

forkoff

Experiment that uses kafel to set seccomp filters to prevent forking Really bad prototype using neon + rust to build bindings.

Currently an EPERM error will be raised when you try to run a process.

Hacking

Install submodules:

git submodule update --init --recursive

Install Rust

curl https://sh.rustup.rs -sSf | sh

Install Neon

npm install -g neon-cli

Ensure libkafel is built and accessible

  • build.rs will look for the file in the root directory
  • node expects libkafel.so.1 to exist so you need to symlink or rename
cd vendor/kafel
make
cp libkafel.so ../../
cp libkafel.so ../../../libkafel.so.1

Run the build

neon build

Run the demo

npm start

About

prevent forking of external processes via kafel + neon + node.js

Topics

nodejs rust neon help-wanted seccomp kafel

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages