Split your program. Stricter privilege separation.
Replace thread with fork; you will have a self-contained program unit.
An overflow in one won't affect the other. And each piece will have
tighter pledge.
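
The split described above, as an added example that is not code from this thread or from OpenBSD base: the code that handles untrusted input runs in a forked child pledged to "stdio" only, and the parent gets back a single int over a pipe. The names drop_to, parse_untrusted and parse_in_child and the promise strings are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* pledge(2) is OpenBSD-only; elsewhere this stub just lets the example build. */
static int drop_to(const char *promises) {
#ifdef __OpenBSD__
    return pledge(promises, NULL);
#else
    (void)promises;
    return 0;
#endif
}

/* Hypothetical stand-in for code that touches untrusted input. */
static int parse_untrusted(const char *buf, size_t len) {
    int n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] >= 0x20 && buf[i] < 0x7f) n++;   /* count printable bytes */
    return n;
}

/* Run the parser in a forked child; returns its result, or -1 on failure. */
int parse_in_child(const char *input, size_t len) {
    int fds[2], result = -1, status;
    if (pipe(fds) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                     /* child: own address space */
        close(fds[0]);
        if (drop_to("stdio") == -1) _exit(1);   /* tighter than the parent */
        int r = parse_untrusted(input, len);
        _exit(write(fds[1], &r, sizeof r) == (ssize_t)sizeof r ? 0 : 1);
    }
    close(fds[1]);                      /* parent: trusts only the int it reads */
    if (read(fds[0], &result, sizeof result) != (ssize_t)sizeof result)
        result = -1;
    close(fds[0]);
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;                      /* a crashed or killed child is a failure */
    return result;
}

int main(void) {
    const char msg[] = "GET /index.html\r\n";   /* constructed sample input */
    if (drop_to("stdio proc") == -1) return 1;  /* parent needs proc to fork */
    printf("printable bytes: %d\n", parse_in_child(msg, sizeof msg - 1));
    return 0;
}
```

A memory fault in the child ends that process and shows up in the parent as -1; the parent's memory and its wider promises are never exposed to the parser.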
2016-09-03 12:37 GMT+02:00 Luke Small :
> If a program requires stdio, wpath, rpath, dns, a
Wow, Luke, you are the man.
> Probably right, if they were pushing strong release dates, they'd go with
> freebsd or linux
>
> On Sat, Sep 3, 2016, 05:44 Theo de Raadt wrote:
>
> > Not a strong requirement.
> >
> > > If a program requires stdio, wpath, rpath, dns, and inet. It spawns
> > > mult
Not a strong requirement.
> If a program requires stdio, wpath, rpath, dns, and inet. It spawns
> multiple threads. The socket binding thread is taken over, runs arbitrary
> code that overflows a buffer of the thread listening to a pipe with rpath
> and stdio permissions it reads the binary of an
If a program requires stdio, wpath, rpath, dns, and inet. It spawns
multiple threads. The socket binding thread is taken over, runs arbitrary
code that overflows a buffer of the thread listening to a pipe with rpath
and stdio permissions it reads the binary of an executable the company
wants to re
On 2016-09-03, ludovic coues wrote:
> What is the use case ?
More than "what is the use case" is needed here - a good start would be
a diff for 3 or 4 examples of existing programs in base showing how it would
be used to improve things.
2016-09-03 11:04 GMT+02:00 Luke Small :
>
>
> Sorry I was in the middle of something, but pledge can be a broad brush,
> unless you are dealing with one file, whether it is executed, read, or
> written and giving per process file permissions sounds pretty neat, and it
> might just be a little simp
In pledge, presumably there will be an accessible paths list. Maybe you
grant a process root access, and you need to read a file which is only
granted by root access, and you need write access for another file, so the
pledge permissions reflect that. On the presumed current path, you would
leave wr
What is the use case ?
2016-09-03 4:15 GMT+02:00 Luke Small :
> wouldn't it be more secure to have a write, read, and execute capable paths
> lists in pledge()
>
--
Cordialement, Coues Ludovic
+336 148 743 42