László Vaskó

> I would be in favor of option 1 since it's how unblob works. The extraction path provided with `-e` is where we create the extraction directory so we do...

Hehe, this change is incompatible with code coverage measurement :D ``` INTERNALERROR> File "/home/runner/.cache/pypoetry/virtualenvs/unblob-PkeEArhf-py3.8/lib/python3.8/site-packages/coverage/sqldata.py", line 1064, in _connect INTERNALERROR> raise DataError(f"Couldn't use data file {self.filename!r}: {exc}") from exc INTERNALERROR> coverage.exceptions.DataError:...

I had an idea to make sandboxing more composable: spawn a new thread, drop privileges, run `process_file` there, then return the results. This way, the caller's privileges are not affected....

It's interesting that it fails on aarch64-linux. Maybe because of qemu emulation?

I'll add tests on the rust side as well then :)

> I built the `sandboxer` example from rust-landlock and it works on qemu-aarch64-static by returning an error: > > ``` > $ LL_FS_RO="/bin:/lib:/usr:/proc:/etc:/dev/urandom" \ > LL_FS_RW="/dev/null:/dev/full:/dev/zero:/dev/pts:/tmp" \ > LL_TCP_BIND="9418" LL_TCP_CONNECT="80:443"...

> > Ahh, we need this error check at the end... https://github.com/landlock-lsm/rust-landlock/blob/94721d26b2fd1151e71bd7a3aa5a43c463a22347/examples/sandboxer.rs#L133-L135 > > Please note that kernels not supporting Landlock should not be an error for programs sandboxing themselves,...

Failing build resolved-by https://github.com/onekey-sec/unblob-native/pull/65

The one thing requires thorough manual testing is keeping exit on CTRL-C and SIGTERM working. Many shenanigans are added for that purpose.