https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248335
--- Comment #2 from Dan Gohman <[email protected]> --- As an example, paths may contain usernames. Usernames may not be sensitive in a username/password sense, but they are in a personally-identifying-information sense. In my application, we have untrusted WebAssembly bytecode running inside an interpreter. The bytecode may make calls to an API called WASI, which includes POSIX-like filesystem access. We have an implementation of WASI which implements sandboxing that works on FreeBSD, however it's slow (about one syscall per path component). A feature like `O_BENEATH` but which instead blocks access to paths outside the topping directory could run much faster. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
