apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-27 20:29:39 +02:00
Code Issues Projects Releases Packages Wiki Activity

[pitboss] phase 03: M3 — Docker backend + sandbox-escape regression suite

Browse source
This commit is contained in:
pitboss 2026-05-12 00:05:11 -04:00
parent 3a4f1b177b
commit a8b9dcd72b
36 changed files with 1778 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

15
tests/dynamic_fixtures/escape/raw_socket.py Normal file
View file

@ -0,0 +1,15 @@
"""Escape attempt: create a raw (AF_PACKET) socket.
Requires CAP_NET_RAW. Expected outcome: PermissionError (--cap-drop=ALL).
"""
import socket
import sys
try:
s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, 0)
s.close()
print("NYX_ESCAPE_SUCCESS: created raw socket")
sys.exit(0)
except (PermissionError, OSError) as e:
print(f"BLOCKED: {e}", file=sys.stderr)
sys.exit(1)