Use Landlock to restrict bash calls. (#5)

https://docs.kernel.org/userspace-api/landlock.html Reviewed-on: #5 Co-authored-by: Drew Galbraith <drew@tiramisu.one> Co-committed-by: Drew Galbraith <drew@tiramisu.one>
2026-03-02 03:51:46 +00:00 · 2026-03-02 03:51:46 +00:00 · 7efc6705d3
commit 7efc6705d3
parent 797d7564b7
19 changed files with 1315 additions and 238 deletions
--- a/src/tui/mod.rs
+++ b/src/tui/mod.rs
@ -74,6 +74,10 @@ pub struct AppState {
    pub status_error: Option<String>,
    /// A tool approval request waiting for user input (y/n).
    pub pending_approval: Option<events::PendingApproval>,
+    /// Whether the sandbox is in yolo (unsandboxed) mode.
+    pub sandbox_yolo: bool,
+    /// Whether network access is currently allowed.
+    pub network_allowed: bool,
 }

 impl AppState {
@ -88,6 +92,8 @@ impl AppState {
            viewport_height: 0,
            status_error: None,
            pending_approval: None,
+            sandbox_yolo: false,
+            network_allowed: false,
        }
    }
 }
@ -145,10 +151,12 @@ pub fn install_panic_hook() {
 pub async fn run(
    action_tx: mpsc::Sender<UserAction>,
    mut event_rx: mpsc::Receiver<UIEvent>,
+    sandbox_yolo: bool,
 ) -> Result<(), TuiError> {
    install_panic_hook();
    let mut terminal = init_terminal()?;
    let mut state = AppState::new();
+    state.sandbox_yolo = sandbox_yolo;
    let mut event_stream = EventStream::new();

    loop {
@ -199,6 +207,9 @@ pub async fn run(
                    })
                    .await;
            }
+            Some(input::LoopControl::SetNetworkPolicy(allowed)) => {
+                let _ = action_tx.send(UserAction::SetNetworkPolicy(allowed)).await;
+            }
            None => {}
        }
    }