Date: Tue, 23 Aug 2016 20:27:05 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 212083] capsicum lacks compat32 support Message-ID: <bug-212083-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212083 Bug ID: 212083 Summary: capsicum lacks compat32 support Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: emaste@freebsd.org compat32 support for capsicum is currently stubbed out -- from compat/freebsd32/freebsd32_capability.c: int freebsd32_cap_enter(struct thread *td, struct freebsd32_cap_enter_args *uap) { /* * We do not have an equivalent of capabilities.conf for freebsd32 * compatibility, so do not allow capability mode for now. */ return (ENOSYS); } as the typical usage is something like: if (cap_enter() < 0 && errno != ENOSYS) die_with_error(); binaries using compat32 will silently avoid being sandboxed. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-212083-8>