Split your program. Stricter privilege separation.
Replace thread with fork, you will have self contained program unit.
An overflow in one won't affect the other. And each piece will have
tighter pledge.
2016-09-03 12:37 GMT+02:00 Luke Small :
> If a program requires
Wow, Luke you are the man.
> Probably right, if they were pushing strong release dates, they'd go with
> freebsd or linux
>
> On Sat, Sep 3, 2016, 05:44 Theo de Raadt wrote:
>
> > Not a strong requirement.
> >
> > > If a program requires studio, wpath, rpath, dns, and
Not a strong requirement.
> If a program requires studio, wpath, rpath, dns, and inet. It spawns
> multiple threads. The socket binding thread is taken over, runs arbitrary
> code that overflows a buffer of the thread listening to a pipe with rpath
> and stdio permissions it reads the binary of
If a program requires studio, wpath, rpath, dns, and inet. It spawns
multiple threads. The socket binding thread is taken over, runs arbitrary
code that overflows a buffer of the thread listening to a pipe with rpath
and stdio permissions it reads the binary of an executable the company
wants to
On 2016-09-03, ludovic coues wrote:
> What is the use case ?
More than "what is the use case" is needed here - a good start would be
a diff for 3 or 4 examples of existing programs in base showing how it would
be used to improve things.
2016-09-03 11:04 GMT+02:00 Luke Small :
>
>
> Sorry I was in the middle of something, but pledge can be a broad brush,
> unless you are dealing with one file, whether it is executed, read, or
> written and giving per process file permissions sounds pretty neat, and it
>
In pledge, presumably there will be an accessible paths list. Maybe you
grant a process root access, and you need to read a file which is only
granted by root access, and you need write access for another file, so the
pledge permissions reflect that. On the presumed current path, you would
leave
What is the use case ?
2016-09-03 4:15 GMT+02:00 Luke Small :
> wouldn't it be more secure to have a write, read, and execute capable paths
> lists in pledge()
>
--
Cordialement, Coues Ludovic
+336 148 743 42
wouldn't it be more secure to have a write, read, and execute capable paths
lists in pledge()
9 matches
Mail list logo