Adds OpenBSD's pledge() #5560
Provided LibC bindings are minimal to satisfy the core and stdlib.
Pledge is one of the core offerings of OpenBSD. Everything in base has been pledged right down to tools like
@chris-huxtable The standard library can't provide functionality that works in some platforms but not others. Plus, this is just adding a C binding, and we don't document this. I suggest to define and wrap this function in a shard and provide it, explicitly stating that it only works in OpenBSD.
@chris-huxtable We might think about this if there was a Even then, I'd much rather have something cross-platform, and every unix does this kind of syscall firewall differently, so that's not really feasible.
It looks like in most programming languages this is supported as an optional package: https://gist.github.com/ligurio/f6114bd1df371047dd80ea9b8a55c104
Oh, not true: Go has it in core since May last year: http://undeadly.org/cgi?action=article&sid=20170323042425
@straight-shoota I couldn't find that in the std, it seems to be in the golang/sys repo.
You're right. Not in core. But an official package.
I have expanded on this and created a shard if anyone is interested.
@chris-huxtable that's cool, but uid/euid/username/groupname/etc really belong in the stdlib because they're cross-platform. It'd be ideal if a shard called
Or, like Go, we could have an official
If it's valuable I can make a pull request which only contains privilege dropping and chroot. While making a shard which just contains pledge. Thoughts?
Thinking about it more, it's probably best to look at what Go's done here in That is: Not sure about chroot but my gut feeling is we should just add it.
I have put together a pull request which would add chroot to Process. I have also previously built classes for both system users and groups. I would be willing to open source those components. I think it makes the most sense to build them right into the standard library as setuid/setgid are fundamental process control functions which are baked in to all unix-based OSes.
Yeah, I agree on having setuid, setgid in the stdlib, but I think introducing
I like that. I will put together a pull request.
For anyone looking for pledge, I have created a shard that adds only pledge.
Adds OpenBSD's pledge function.
"The current process is forced into a restricted-service operating mode. A few subsets are available, roughly described as computation, memory management, read-write operations on file descriptors, opening of files, networking. In general, these modes were selected by studying the operation of many programs using libc and other such interfaces, and setting promises or execpromises."
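The open-first, restrict-second pattern that the pledge(2) description above leads to, as an added C example that is not code from this pull request or from the Crystal project. `restrict_process` and `read_after_pledge` are hypothetical names, `/etc/passwd` is only a sample path, and on platforms without pledge(2) the wrapper restricts nothing and returns 0.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical wrapper. Returns 1 if the process is now restricted,
 * 0 if pledge(2) does not exist on this platform (nothing restricted),
 * -1 if pledge(2) itself failed. */
int restrict_process(const char *promises)
{
#ifdef __OpenBSD__
    /* NULL execpromises: do not change what exec'd programs may do. */
    return pledge(promises, NULL) == -1 ? -1 : 1;
#else
    (void)promises;
    return 0;
#endif
}

/* Acquire every resource first, then give up the ability to acquire more.
 * Returns the number of bytes read from path, or -1 on error. */
long read_after_pledge(const char *path, char *buf, size_t len)
{
    /* Opening a file for reading needs the "rpath" promise,
     * so it has to happen before the process pledges. */
    int fd = open(path, O_RDONLY);
    if (fd == -1)
        return -1;

    /* "stdio" still permits read/write/close on already-open descriptors. */
    if (restrict_process("stdio") == -1) {
        close(fd);
        return -1;
    }

    long n = (long)read(fd, buf, len);
    close(fd);
    /* On OpenBSD, a further open() from here on is a pledge violation:
     * the kernel kills the process with an uncatchable SIGABRT. */
    return n;
}

int main(void)
{
    char buf[64];
    long n = read_after_pledge("/etc/passwd", buf, sizeof buf); /* sample path */
    printf("read %ld bytes after restricting\n", n);
    return n < 0;
}
```

Promises can only be reduced by later calls, so the wrapper belongs right after initialization, once sockets and files are open.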