From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Reviving the Sandbox project
Date: Fri, 22 Sep 2017 17:20:23 +0200
Message-ID: <1506093623.1104.1.camel@gentoo.org>
In-Reply-To: <20170922125721.2fc2f243@gentoo.org>

On Fri, 22.09.2017 at 12:57 +0200, Alexis Ballier wrote:
> On Fri, 22 Sep 2017 06:07:18 +0200
> Michał Górny <mgorny@gentoo.org> wrote:
>
> > On Thu, 21.09.2017 at 15:41 -0700, Matt Turner wrote:
> > > On Thu, Sep 21, 2017 at 2:25 PM, Michał Górny <mgorny@gentoo.org>
> > > wrote:
> > > > Given that sandbox is utterly broken by design, I don't really
> > > > want to put too much effort in trying to make it a little better.
> > > > I'd rather put the minimal effort required to make it
> > > > not-much-worse.
> > >
> > > You said in your initial email that you weren't an expert in its
> > > internals, but here you say it's broken by design. Why do you think
> > > that?
> > >
> >
> > Because it uses LD_PRELOAD which is a huge hack and which causes
> > guaranteed issues we can't really fix. All we can do is disable it for
> > emacs, for compiler-rt and I'm afraid this list will grow because
> > overriding random library functions is never a good idea.
> >
>
> I think we're all ears for a better solution. There are probably much
> better ways to do sandboxing these days than 15 years ago.
>
> LD_PRELOAD does not work with static binaries. Hence the non
> portable ptrace stuff. Hence bugs. Etc. The point is, that's the
> best we have now.
>
I know of two obvious alternatives: ptrace and filesystem layer (e.g.
FUSE).

For the former, there's sydbox. I'm going to look into integrating it
into Portage when I have more time.

For the latter, I have writing one in TODO. But I'm not sure when I'll
have enough time to do work on it.

--
Best regards,
Michał Górny
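
The quoted point that LD_PRELOAD does not work with static binaries can be checked per binary: the preload only takes effect when the ELF image requests a dynamic loader through a PT_INTERP program header. The following is an added example, not part of this thread or of the sandbox project; `preload_applies` and `make_elf64` are hypothetical names, and the sample images are constructed.

```python
import struct
import sys

PT_LOAD, PT_DYNAMIC, PT_INTERP = 1, 2, 3

def preload_applies(elf: bytes) -> bool:
    """True if the image names a dynamic loader (PT_INTERP), so ld.so runs
    and processes LD_PRELOAD. Static and static-pie images return False."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if elf[4] not in (1, 2) or elf[5] not in (1, 2):
        raise ValueError("unknown ELF class or byte order")
    end = "<" if elf[5] == 1 else ">"          # EI_DATA: 1 = LSB, 2 = MSB
    if elf[4] == 2:                            # EI_CLASS: ELFCLASS64
        e_phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x36)
    else:                                      # ELFCLASS32
        e_phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x2A)
    for i in range(e_phnum):
        # p_type is the first 32-bit field of a program header in both classes
        p_type, = struct.unpack_from(end + "I", elf, e_phoff + i * e_phentsize)
        if p_type == PT_INTERP:
            return True
    return False

def make_elf64(ptypes):
    """Constructed sample: little-endian ELF64 header followed by empty
    program headers of the given types (no real code or data)."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0,
                              64, 56, len(ptypes), 0, 0, 0)
    phdrs = b"".join(struct.pack("<II6Q", t, 0, 0, 0, 0, 0, 0, 0)
                     for t in ptypes)
    return hdr + phdrs

if __name__ == "__main__":
    # Report which of the given files an LD_PRELOAD wrapper would not cover.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            head = fh.read(1 << 16)   # program headers normally sit near the start
        try:
            state = "covered" if preload_applies(head) else "NOT covered (no PT_INTERP)"
        except (ValueError, struct.error) as exc:
            state = f"skipped ({exc})"
        print(f"{path}: {state}")
```

A static-pie image carries PT_DYNAMIC but no PT_INTERP, which is why the check keys on PT_INTERP rather than on the presence of a dynamic section.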