Date: Thu, 31 Mar 2022 15:37:34 -0400
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: Ed Maste <emaste@freebsd.org>
Cc: David Chisnall <theraven@freebsd.org>, FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: curtain: WIP sandboxing mechanism with pledge()/unveil() support
Message-ID: <20220331193734.3pwhap2443gd33hg@mutt-hbsd>
In-Reply-To: <CAPyFy2BCpdzP=68r19UpazCmEPft7ZK52qmZFb2Ohjw8Jf14OQ@mail.gmail.com>
References: <25b5c60f-b9cc-78af-86d7-1cc714232364@gmail.com> <01320c49-fa7e-99d2-5840-3c61bb8c0d57@FreeBSD.org> <2d103b77-84d4-fbd7-d957-21b9aa4d5d79@gmail.com> <16ab7cdb-32b4-5ffe-f6a8-a657383b3078@FreeBSD.org> <CAPyFy2BCpdzP=68r19UpazCmEPft7ZK52qmZFb2Ohjw8Jf14OQ@mail.gmail.com>
On Thu, Mar 31, 2022 at 03:33:06PM -0400, Ed Maste wrote:
> On Thu, 31 Mar 2022 at 06:25, David Chisnall <theraven@freebsd.org> wrote:
> >
> > Capsicum simply disallows '..' in paths.
>
> This is no longer true as of 7359fdcf5ffa. During a lookup the kernel
> checks that each ".." component specifies a directory that has already
> been visited in this name lookup call.
>
> > The execve hole is the reason that I have little interest in pledge as
> > an enforcement mechanism.
>
> Note that execve is only available if the "exec" keyword is specified.
> The child does not inherit the parent's limits, though.

I wonder if there's opportunity here for a little divergence. I think
inheritance would be a good thing. But this is more a philosophical and
subjective argument than a technical one.

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
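As an added illustration of the two ".." policies Ed Maste contrasts above (not FreeBSD kernel code, and not part of the thread): a user-space model of a relative path lookup under a directory descriptor. The original Capsicum rule rejects any ".." component; the newer rule allows ".." only when it returns to a directory already visited during this lookup, which the model approximates with a depth counter. The function names and the `dotdot_policy` enum are hypothetical, symlinks are ignored, and absolute paths are rejected because capability-mode lookups must be relative to a directory descriptor.

```c
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical policy selector (assumption, not a kernel interface).
 * DOTDOT_FORBID  : the old Capsicum behaviour, any ".." is rejected.
 * DOTDOT_VISITED : ".." is allowed only if it returns to a directory
 *                  already visited in this lookup. A depth counter stands
 *                  in for the kernel's record of visited directories.
 */
enum dotdot_policy {
    DOTDOT_FORBID,
    DOTDOT_VISITED
};

/*
 * Returns 1 if the lookup of `path` (relative to a directory fd) would be
 * permitted under `policy`, 0 if it would be rejected. Symlinks are not
 * modelled (assumption); the real kernel tracks the vnodes it visits.
 */
int
lookup_permitted(const char *path, enum dotdot_policy policy)
{
    int depth = 0;          /* directories entered below the starting dir */
    const char *p = path;

    if (path == NULL || *path == '/')
        return 0;           /* capability mode: lookups must be fd-relative */

    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end != NULL ? (size_t)(end - p) : strlen(p);

        if (len == 0 || (len == 1 && p[0] == '.')) {
            /* empty component ("a//b") or ".": no movement */
        } else if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (policy == DOTDOT_FORBID)
                return 0;   /* old rule: ".." never permitted */
            if (depth == 0)
                return 0;   /* would climb above the starting directory */
            depth--;        /* returns to a directory visited earlier */
        } else {
            depth++;        /* descend into a named component */
        }
        if (end == NULL)
            break;
        p = end + 1;
    }
    return 1;
}

int
main(void)
{
    /* Constructed sample paths, not taken from the thread. */
    static const char *samples[] = {
        "etc/passwd", "a/b/../c", "a/..", "../etc/passwd", "a/../../x",
        "/etc/passwd"
    };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-16s forbid=%d visited=%d\n", samples[i],
            lookup_permitted(samples[i], DOTDOT_FORBID),
            lookup_permitted(samples[i], DOTDOT_VISITED));
    return 0;
}
```

The interesting rows are "a/b/../c" and "a/..", which the older policy rejects and the newer one accepts because every ".." lands on a directory the lookup already passed through, while "../etc/passwd" and "a/../../x" stay rejected under both because a ".." would reach a directory above the starting point.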