D8756: Forbid more syscalls which could modify the filesystem

2018-01-04 Thread David Kahles
davidk added a comment. In https://phabricator.kde.org/D8756#186280, @davidk wrote: > I'm not sure what happens here as well. I guess that arm64 doesn't implement many syscalls. I will prepare a patch to exclude those syscalls if they're not available. Here it is:

D8756: Forbid more syscalls which could modify the filesystem

2018-01-04 Thread David Kahles
davidk added a comment. In https://phabricator.kde.org/D8756#176550, @bshah wrote: > Hello, > > It seems this commit doesn't seem to build on arm64 properly: https://build.neon.kde.org/job/xenial_unstable_plasma_kscreenlocker_bin_arm64/1/console > > I don't exactly understand

D8756: Forbid more syscalls which could modify the filesystem

2017-12-05 Thread Bhushan Shah
bshah added a comment. Hello, It seems this commit doesn't seem to build on arm64 properly: https://build.neon.kde.org/job/xenial_unstable_plasma_kscreenlocker_bin_arm64/1/console I don't exactly understand what's going on. REPOSITORY R133 KScreenLocker REVISION DETAIL

D8756: Forbid more syscalls which could modify the filesystem

2017-11-10 Thread David Kahles
This revision was automatically updated to reflect the committed changes. Closed by commit R133:7720e8486337: Forbid more syscalls which could modify the filesystem (authored by davidk). REPOSITORY R133 KScreenLocker CHANGES SINCE LAST UPDATE https://phabricator.kde.org/D8756?vs=22174=22176

D8756: Forbid more syscalls which could modify the filesystem

2017-11-10 Thread Martin Flöser
graesslin accepted this revision. This revision is now accepted and ready to land. REPOSITORY R133 KScreenLocker BRANCH seccomp REVISION DETAIL https://phabricator.kde.org/D8756 To: davidk, graesslin Cc: plasma-devel, ZrenBot, progwolff, lesliezhai, ali-mohamed, jensreuterberg, abetts,

D8756: Forbid more syscalls which could modify the filesystem

2017-11-10 Thread David Kahles
davidk added a reviewer: graesslin. REPOSITORY R133 KScreenLocker REVISION DETAIL https://phabricator.kde.org/D8756 To: davidk, graesslin Cc: plasma-devel, ZrenBot, progwolff, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, mart

D8756: Forbid more syscalls which could modify the filesystem

2017-11-10 Thread David Kahles
davidk created this revision. Restricted Application added a project: Plasma. Restricted Application added a subscriber: plasma-devel. REVISION SUMMARY Forbid more syscalls. An malicious theme could create directories with the password as name, or encode the password in chmod bits. Also,