Re: [dev] pledge(2) patches

From: FRIGN <dev_AT_frign.de>
Date: Mon, 6 Jun 2016 14:39:04 +0200

On Mon, 6 Jun 2016 13:36:14 +0200
Martin Kühne <mysatyre_AT_gmail.com> wrote:

Hey Martin,

> Having done my own research, no it can't. Also, the way it is designed
> is a rather silly approach to security which is much more revealing
> about today's idiotic way of writing software by including tens of
> millions of SLOC of dependencies instead of doing the one thing for
> the one job.

pledge(1) is not a security-feature, but a hardening-feature. Keep that
in mind. The secure design of software (i.e. separating into sub-components
that do one thing and do it well) is still up to the programmer.

However, you bring up a good point. I mean, even we here at suckless
are guilty of this. Why exactly do we need to have one dwm.c for dwm?
One st.c for st? Especially in regard to st we could easily split the
terminal emulation and rendering part. If we based the rendering on
simple primitives, it would be relatively easy to port it to other
platforms.

What it all brings up is the issue of IPC. Can you people suggest
your favourite approach to IPC? If not, maybe we could look into
writing a very simple library (name-suggestion "sippy" :P) which
builds on top of UDS and implements a very simple messaging
protocol.

> I personally find the idea of polluting our source code for this
> appalling and suggest the wiki.

We also had the idea yesterday on IRC to let the OpenBSD guys know
and just help them apply the patch to the st port.

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Mon Jun 06 2016 - 14:39:04 CEST
