Date: Sun, 27 Mar 2016 05:03:10 +0000 From: Loganaden Velvindron <loganaden@...il.com> To: kernel-hardening@...ts.openwall.com Cc: Mickaël Salaün <mic@...ikod.net>, linux-security-module <linux-security-module@...r.kernel.org>, Andreas Gruenbacher <agruenba@...hat.com>, Andy Lutomirski <luto@...capital.net>, Andy Lutomirski <luto@...nel.org>, Arnd Bergmann <arnd@...db.de>, Casey Schaufler <casey@...aufler-ca.com>, Daniel Borkmann <daniel@...earbox.net>, David Drysdale <drysdale@...gle.com>, Eric Paris <eparis@...hat.com>, James Morris <james.l.morris@...cle.com>, Jeff Dike <jdike@...toit.com>, Julien Tinnes <jln@...gle.com>, Michael Kerrisk <mtk@...7.org>, Paul Moore <pmoore@...hat.com>, Richard Weinberger <richard@....at>, "Serge E . Hallyn" <serge@...lyn.com>, Stephen Smalley <sds@...ho.nsa.gov>, Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>, Will Drewry <wad@...omium.org>, Linux API <linux-api@...r.kernel.org> Subject: Re: Re: [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing On Thu, Mar 24, 2016 at 4:24 PM, Kees Cook <keescook@...omium.org> wrote: > On Wed, Mar 23, 2016 at 6:46 PM, Mickaël Salaün <mic@...ikod.net> wrote: >> Hi, >> >> This series is a proof of concept (not ready for production) to extend seccomp >> with the ability to check argument pointers of syscalls as kernel object (e.g. >> file path). This add a needed feature to create a full sandbox managed by >> userland like the Seatbelt/XNU Sandbox or the OpenBSD Pledge. It was initially >> inspired from a partial seccomp-LSM prototype  but has evolved a lot since :) > > This is interesting! I'd really like to get argument inspection > working. I'm going to spend some time examining this series more > closely, but my initial reaction is that I'm suspicious of the ToCToU > checking -- I'd rather there be no race at all. As for the bug-fixes, > I'll get those pulled in now. Thanks! > Personally, I love the OpenBSD pledge() mechanism. It makes it so easy to apply attack surface reduction. If seccomp moves closer to pledge, that would be great. See here: https://github.com/dimkr/libwaive
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.