Utilities+Base: Add unveil utility

This utility essentially creates a filesystem sandbox for a specified command, so it can be tested with only the unveiled paths the user specifies beforehand.
author: Liav A <liavalb@gmail.com> 2022-11-04 21:20:10 +0200
committer: Andrew Kaster <andrewdkaster@gmail.com> 2022-11-26 12:42:15 -0700
commit: 8e165887578b1924c924c5a76efcfcf7dca08498 (patch)
tree: 493a749e959c98c0ab1bf5483f3eec277ffc5446 /Base/usr
parent: 7d7127b4637d959e434b8f6ada1ca47cb454c068 (diff)
download: serenity-8e165887578b1924c924c5a76efcfcf7dca08498.zip
1 files changed, 29 insertions, 0 deletions
diff --git a/Base/usr/share/man/man1/unveil.md b/Base/usr/share/man/man1/unveil.md
new file mode 100644
index 0000000000..d89f93645d
--- /dev/null
+++ b/Base/usr/share/man/man1/unveil.md
@@ -0,0 +1,29 @@
+## Name
+
+unveil - unveil certain paths when running a command
+
+## Synopsis
+
+```**sh
+$ unveil [--path] [command...]
+```
+
+## Description
+
+Run a command under certain path restrictions by using [`unveil`(2)](help://man/2/unveil).
+
+## Options
+
+* `-u`, `--path`: Unveil a path, with the format of `permissions,path`
+
+## Examples
+
+Run `ls -la /sys/kernel` with restricted access to certain paths:
+```sh
+$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ls -la /sys/kernel
+```
+
+Run `ps -ef` with restricted access to certain paths:
+```sh
+$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ps -ef
+```
author	Liav A <liavalb@gmail.com>	2022-11-04 21:20:10 +0200
committer	Andrew Kaster <andrewdkaster@gmail.com>	2022-11-26 12:42:15 -0700
commit	8e165887578b1924c924c5a76efcfcf7dca08498 (patch)
tree	493a749e959c98c0ab1bf5483f3eec277ffc5446 /Base/usr
parent	7d7127b4637d959e434b8f6ada1ca47cb454c068 (diff)
download	serenity-8e165887578b1924c924c5a76efcfcf7dca08498.zip