> Am 26.04.2017 um 13:38 schrieb Luke Small <[email protected]>: > > Pledge will presumably have per process (including fork()ed process) **path > limitations on rpath rpath and wpath calls, why not limitations on inet and > unix?
We usually want to isolate our network speakers from the local system - combining inet and rpath/wpath should be avoided. Use privsep and fd passing to open the socket in another process with the capability to do so. This is what we do in most daemons. Or open the socket before pledge for static configurations. Reyk >> On Wed, Apr 26, 2017 at 6:26 AM Janne Johansson <[email protected]> wrote: >> >> 2017-04-26 13:19 GMT+02:00 Luke Small <[email protected]>: >> >>> I'm not saying to alter pledge necessarily, maybe make new system call >>> like pledge. There aren't any per-process pf rules that are applied. >> >> >> If your daemon has a specific user, you can make such rules in PF. >> The goal you stated can be reached already, why keep on suggesting new >> syscalls? >> >> >> -- >> May the most significant bit of your life be positive. >>
