Vincas Dargis wrote... > On 2019-07-26 18:59, Christoph Biedl wrote: > > > tl;dr: The file program in unstable is now built with seccomp support > > > enabled, expect breakage in some rather uncommon use cases. > > Interesting, what are these uncommon use cases? Maybe we could confine it > with AppArmor instead, since we have it enabled by default?
LD_PRELOAD ruins your day. From the kernel's point of view there is no
difference between a syscall coming from the actual application and one
coming from the code hooked into it. And while the syscalls done by the
first (i.e. file) are more or less known, the latter requires
examination of each and every implementation and whitelisting
everything. Eventually fakeroot-tcp, wishes to open sockets, something
I certainly would not want to whitelist.
TTBOMK apparmor would not provide a sane solution for that problem.
There still might be another use case: The file program should[citation
needed] not write to any file. Reading however must be possible for
every item in the entire file system.
Christoph
signature.asc
Description: PGP signature
