Hi folks,
This is purely OpenBSD-specific; had a brief look at SecComp and
promptly ran away.
Included are pledge(2) diffs for dwm, dmenu, st and slock. I've been
testing these for a week now (both stress-tests and normal usage), and I
have no ill effects to report.
- st has been tortured with cat'ing from /dev/random, ssh'ing into some
odd boxes, running all sorts of silly ncurses apps, etc. I'm writing
this email by ssh'ing via mosh to a Linux box running emacs in tmux,
and everything looks good.
- slock has been thoroughly keyboard-mashed. The question stands,
whether it's a good idea for a potentially non-exploitable bug in
slock to be able to kill it and unlock the screen. Perhaps only worth
enabling in "debug mode"?
- dmenu survived cat'ing some serious /dev/random.
- dwm hasn't been tested super-thoroughly, since I keep this one machine
free from most random crap; however all of the above apps + dillo,
firefox, xconsole, and some others didn't seem to cause any problems.
My approach was to first try dropping as much privileges as possible
before initialisation, and then some more right before entering the main
loop. I believe even more privileges could be dropped, e.g. in dwm, if
it used a separate process for handling keyboard launching.
Tested on 5.9-stable, amd64.
If there's interest, I could work on pledging other suckless tools as
well (sbase? ii? quark? sup? suggestions?).
Thanks!
K.
- text/x-diff attachment: stored
- text/x-diff attachment: stored
- text/x-diff attachment: stored
- text/x-diff attachment: stored
Received on Wed May 18 2016 - 18:50:15 CEST