monadical/greywall
Archived
14
0
Fork 0
Code Issues Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity

Add environment sanitization

Browse Source
This commit is contained in:
JY Tan
2025-12-25 20:47:11 -08:00
parent 32d785c703
commit f86d9a2c82
17 changed files with 340 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/sandbox/command.go
View File

@@ -1,4 +1,3 @@
// Package sandbox provides sandboxing functionality for macOS and Linux.
package sandbox
import (
@@ -18,9 +17,9 @@ type CommandBlockedError struct {
func (e *CommandBlockedError) Error() string {
if e.IsDefault {
return fmt.Sprintf("command blocked by default policy: %q matches %q", e.Command, e.BlockedPrefix)
return fmt.Sprintf("command blocked by default sandbox command policy: %q matches %q", e.Command, e.BlockedPrefix)
}
return fmt.Sprintf("command blocked by policy: %q matches %q", e.Command, e.BlockedPrefix)
return fmt.Sprintf("command blocked by sandbox command policy: %q matches %q", e.Command, e.BlockedPrefix)
}
// CheckCommand checks if a command is allowed by the configuration.