Subject: Re: The OpenBSD pledge
From: Florian Ermisch <florian.ermisch@alumni.tu-berlin.de>
Date: Sat, 11 Jun 2016 13:20:24 +0200
To: freebsd-current@freebsd.org,Domagoj Stolfa <domagoj.stolfa@gmail.com>

On 11 June 2016 at 12:38:34 CEST, Wolfgang Zenker <wolfgang@lyxys.ka.sub.org> wrote:
> Hi,
> 
> * Domagoj Stolfa <domagoj.stolfa@gmail.com> [160611 02:47]:
> > Has there been discussion on the OpenBSD's pledge going into the FreeBSD
> > kernel as an atomic syscall or as a MAC plugin?
> 
> I don't remember any discussions about this, but looking at OpenBSD's
> pledge(2) manpage, isn't this something going in the same direction
> as the capsicum(4) framework, just with a much more simplistic
> interface?
> 
> Wolfgang
> 
One could argue it's a much easier to use interface: "453 out of 707
base system binaries were adapted to use pledge [in 5.9]" [1]. The
"Capsicum for FreeBSD" page at cam.ac.uk lists 14 binaries in
FreeBSD's base [2].

It might be possible to put a pledge-compatible layer on top of
Capsicum to reuse OpenBSD's patches for ports and shared code in base,
but I know way too little about both mechanisms to even make an
educated guess.

Regards, Florian

[1]: http://www.openbsd.org/59.html
[2]: https://www.cl.cam.ac.uk/research/security/capsicum/freebsd.html