From: Florian Ermisch
Date: Sat, 11 Jun 2016 13:20:24 +0200
To: freebsd-current@freebsd.org, Domagoj Stolfa
Subject: Re: The OpenBSD pledge
Message-ID: <1F5A9247-7C98-483C-A4BD-4A3D54208B3D@alumni.tu-berlin.de>
In-Reply-To: <20160611103834.GA75085@lyxys.ka.sub.org>
References: <20160611103834.GA75085@lyxys.ka.sub.org>
List-Id: Discussions about the use of FreeBSD-current

On 11 June 2016 12:38:34 CEST, Wolfgang Zenker wrote:
> Hi,
>
> * Domagoj Stolfa [160611 02:47]:
> > Has there been discussion on the OpenBSD's pledge going into the FreeBSD
> > kernel as an atomic syscall or as a MAC plugin?
>
> I don't remember any discussions about this, but looking at OpenBSD's
> pledge(2) manpage, isn't this something going in the same direction
> as the capsicum(4) framework, just with a much more simplistic
> interface?
>
> Wolfgang
>

One could argue it's a much easier-to-use interface: "453 out of 707 base system binaries were adapted to use pledge [in 5.9]" [1]. The "Capsicum for FreeBSD" page at cam.ac.uk lists 14 binaries in FreeBSD's base [2].

It might be possible to put a pledge-compatible layer on top of capsicum to reuse OpenBSD's patches for ports and shared code in base, but I know way too little about both mechanisms to even make an educated guess.

Regards, Florian

[1]: http://www.openbsd.org/59.html
[2]: https://www.cl.cam.ac.uk/research/security/capsicum/freebsd.html