Seccomp in coreutils
From: David Sastre
Subject: Seccomp in coreutils
Date: Sun, 21 Jan 2018 20:57:06 +0100

Hello,
I have been recently playing around with seccomp and the coreutils source
code and was wondering about the feasibility of implementing seccomp
filters in the tools.
The main benefit for the project would be offering the possibility of
reducing exploitability by reducing the system calls a program might make,
using a whitelist.
Searching the mail archives of the project for discussions around this
topic has not been fruitful, hence my asking.
I have tested locally with some of the easiest examples possible (true and
echo) and a, quite possibly, very naive implementation; but it seems to
work as expected.
If I were to put some effort in this, and provided this functionality is
made explicitly GNU/Linux dependent and optional, would there be interest
from the group? I would most probably require assistance with the autotools
changes required, not to mention code review.
My main inspiration for this request is the OpenBSD pledge()[1] syscall,
which is applied to the base system (containing most of the equivalent
tools in GNU/Linux land). You can check an example[2] on the 'echo' tool
source code.
Regards and thanks in advance for any feedback, I would love to hear from
the devs even in the case this request is considered not useful.
[1] https://man.openbsd.org/pledge.2
[2] https://github.com/openbsd/src/blob/master/bin/echo/echo.c