On Sat, Mar 29, 2025 at 01:04:08PM -0700, Rick Macklem wrote:
> On Sat, Mar 29, 2025 at 12:50 PM Shawn Webb <shawn.w...@hardenedbsd.org> wrote:
> >
> > On Sat, Mar 29, 2025 at 12:39:02PM -0700, Rick Macklem wrote:
> > > > I had added filesystem extended attribute support to libarchive, which
> > > > is what FreeBSD's tar(1) is based off of. I upstreamed that, so that's
> > > > taken care of. FreeBSD's tar(1) has supported extended attributes
> > > > since 2020 (see libarchive PR 1409:
> > > > https://github.com/libarchive/libarchive/pull/1409)
> > > Ok, thanks for the info. If this stuff goes into FreeBSD, it probably needs
> > > to be tweaked to use the different syscall API so that it can handle large
> > > attributes and maybe the attribute's mode. (someday, maybe?)
> >
> > I believe libarchive has been updated in FreeBSD since October 2020,
> > so the vendored libarchive in FreeBSD should already support it. But,
> > yeah, if FreeBSD makes changes to how extended attributes work, I or
> > someone else would need to update libarchive to account for that.
> >
> > Since HardenedBSD follows FreeBSD closely (we sync every six hours), I
> > would probably volunteer to update the libarchive code.
> >
> > > > Just one data point here: HardenedBSD uses filesystem extended
> > > > attributes to toggle certain exploit mitigations on a per-application
> > > > basis. That's why we added support to libarchive: so we can ship
> > > > certain packages with exploit mitigations pre-toggled.
> > > Just curious. Does it use "system" or "user" attribute space?
> >
> > We use the system namespace, though the userland tool (hbsdcontrol)
> > was recently taught about the user namespace. The kernel side only
> > supports system namespace. So the user namespace support in
> > hbsdcontrol is somewhat meaningless. I do plan to eventually get to
> > the kernel side, but my TODO list continues growing. :-)
> Ok, this wouldn't be affected by the patches I've been doing, since they
> handle user space only. (system space will still work, but only via the
> extattr_XXX() APIs.)

Cool. I have another project that uses user namespaces:
https://git.hardenedbsd.org/shawn.webb/altfs

AltFS is a fusefs driver that stores file payload in filesystem
extended attributes, using the user namespace. It only partially works
and again is bitten by more important items on my TODO list. It mainly
serves as a proof-of-concept for a weird data exfiltration technique.
Not at all meant for actual production use.

Do you already have a patch for review in Phabricator? I might want to add
myself to it so I can more easily keep informed.

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
