dunkirk.sh / battleship-arena
a geicko-2 based round robin ranking system designed to test c++ battleship submissions battleship.dunkirk.sh
fork atom

fix: allow writes to battleship directory in sandbox

dunkirk.sh cb97956f e84026dc

verified
options
unified split
Changed files
+1
internal
runner
runner.go
+1
internal/runner/runner.go 
···

       
45

       
45

       
 

       
		"--property=PrivateNetwork=true",   // Isolate network (no internet)


     

       
46

       
46

       
 

       
		"--property=PrivateTmp=true",       // Private /tmp


     

       
47

       
47

       
 

       
		"--property=NoNewPrivileges=true",  // Prevent privilege escalation


     

       

       
48

       
+

       
		"--property=ReadWritePaths=/var/lib/battleship-arena",  // Allow writes to battleship directory


     

       
48

       
49

       
 

       
		"--",


     

       
49

       
50

       
 

       
	}


     

       
50

       
51

       
 

       
	systemdArgs = append(systemdArgs, args...)