|Anonymous | Login | Signup for a new account||2019-09-17 22:52 UTC|
|My View | View Issues | Change Log | Roadmap | Doomseeker Issue Support Ranking | Rules | My Account|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003500||Doomseeker||[All Projects] Security||public||2018-09-19 18:09||2019-08-24 17:19|
|Assigned To||Pol M|
|Target Version||Fixed in Version|
|Summary||0003500: pledge(2) is not yet supported|
|Description||If 0003499 is going to happen, then it'd be nice if Doomseeker and Wadseeker were pledge'd.|
|Additional Information||https://man.openbsd.org/pledge.2 [^]|
|Probably not worth a game. But what ever since priority is zero.|
Pol M (developer)
"stdio rpath wpath cpath tmppath inet mcast fattr chown flock unix dns sendfd recvfd tape tty proc exec prot_exec ps audio video unveil"
Should be enough for doomseeker. Maybe there is something that is not needed, but I did not want to over restrict it. There's also the issue that most sys operations will be done by qt, so we don't really know which are being called, and the implementation may change. Due to this, maybe we should not pledge it at all? If we do so, I'd still go for a permissive enough list.
Quote from Pol M
That list seems excessive. I'm also guessing major changes would be needed to restrict processes in Doomseeker lots to smaller operations.
Pledging Wadseeker may do with less.
I cannot judge on the excessivety of the pledge list, however I decided to merge the PR already:https://bitbucket.org/Doomseeker/doomseeker/commits/fa55c0712f19254d76050372ffb52bcfc608af1f [^]
If the list needs tweaking please submit it in another PR or patch.
We don't even use the unveil(2) syscall (yet). The list of pledges above is almost as bad / equivalent as not supporting pledge at all.
One should start with a minimal pledge (e.g. stdio rpath), run the program, find out which missing pledge the program aborts to, then add that to the pledge list. (Maybe Pol M did it this way?) Later restrict the program's operation to some smaller pledges, if at all possible.
|It'd also be good to include a comment in the code explaining why / where each of the pledges is required.|
Pol M (developer)
I started with all of them enabled and started to cut down until something broke. To speed up the process, I did it in batches, allowing me to cut entire chuncks of calls. Since you insist, I'll take a second look at the list :)
Also, there are modules that don't cause Doomseeker to stop working, but cut it's functionality, like the dns option, which means that it's not as easy as simply opening up and seeing it crash.
It would also be nice if lldb worked properly or that gdb and gcc weren't super old, because that way I could actually see why stuff is happening.
Pol Marcet committed 9aef20f (2019-08-02)
Quote from Pol M- Added "getpw" and removed "tape" from pledge promises.
|Only registered users can voice their support. Click here to register, or here to log in.|
|Supporters:||No one explicitly supports this issue yet.|
|Opponents:||No one explicitly opposes this issue yet.|
|2018-09-19 18:09||WubTheCaptain||New Issue|
|2018-09-19 18:09||WubTheCaptain||Relationship added||child of 0003499|
|2018-09-19 18:12||WubTheCaptain||Additional Information Updated||View Revisions|
|2018-09-24 19:36||WubTheCaptain||Relationship replaced||related to 0003499|
|2018-10-13 19:11||WubTheCaptain||Priority||low => none|
|2018-12-17 05:08||WubTheCaptain||Assigned To||=> WubTheCaptain|
|2018-12-17 05:08||WubTheCaptain||Status||new => acknowledged|
|2019-01-06 07:11||WubTheCaptain||Summary||Add support for pledge(2) => pledge(2) is not yet supported|
|2019-01-06 10:42||Filystea||Note Added: 0020305|
|2019-04-17 01:39||WubTheCaptain||Category||Suggestion => Security|
|2019-05-20 15:38||Pol M||Assigned To||WubTheCaptain => Pol M|
|2019-05-20 15:38||Pol M||Status||acknowledged => assigned|
|2019-05-26 15:57||Pol M||Note Added: 0020696|
|2019-05-26 18:28||WubTheCaptain||Note Added: 0020697|
|2019-05-28 16:10||Zalewa||Note Added: 0020700|
|2019-05-30 05:54||WubTheCaptain||Priority||none => low|
|2019-05-30 05:56||WubTheCaptain||Status||assigned => needs review|
|2019-05-30 05:56||WubTheCaptain||Status||needs review => needs testing|
|2019-05-30 06:10||WubTheCaptain||Note Added: 0020704|
|2019-05-30 06:10||WubTheCaptain||Status||needs testing => needs review|
|2019-05-30 06:11||WubTheCaptain||Target Version||=> 1.3|
|2019-05-30 06:19||WubTheCaptain||Note Added: 0020705|
|2019-05-30 06:30||WubTheCaptain||Relationship added||related to 0003653|
|2019-05-30 06:30||WubTheCaptain||Relationship replaced||child of 0003653|
|2019-05-30 06:41||WubTheCaptain||Relationship replaced||related to 0003653|
|2019-05-30 08:01||Pol M||Note Added: 0020706|
|2019-05-31 11:39||Pol M||Status||needs review => assigned|
|2019-06-30 10:44||Zalewa||Target Version||1.3 =>|
|2019-08-24 17:19||WubTheCaptain||Note Added: 0020999|
Questions or other issues? Contact Us.
|Copyright © 2000 - 2019 MantisBT Team|