On Wed, Nov 08, 2023 at 11:04:01AM +, Klemens Nanni wrote:
> This service seems like a common dependency for desktop environments
> and runs as root speaking D-Bus without any activesecurity mechanisms.
>
> ioctl(2) for cd(4) and sysctl(2) hw.disknames usage currently prevents
> using pledge(2
On Wed, Nov 08, 2023 at 06:39:19PM +0100, Landry Breuil wrote:
> out of curiosity, what do you mean by 'works under Xfce' ? afaik,
> nothing calls the org.freedesktop.UDisks2 name in xfce code.. and
> thunar-volman (which isnt ported) requires gudev (not ported either)
Means nothing breaks for me
Le Wed, Nov 08, 2023 at 11:04:01AM +, Klemens Nanni a écrit :
> This service seems like a common dependency for desktop environments
> and runs as root speaking D-Bus without any activesecurity mechanisms.
>
> ioctl(2) for cd(4) and sysctl(2) hw.disknames usage currently prevents
> using pledg
This service seems like a common dependency for desktop environments
and runs as root speaking D-Bus without any activesecurity mechanisms.
ioctl(2) for cd(4) and sysctl(2) hw.disknames usage currently prevents
using pledge(2).
Use unveil("/", "rwc") for starters to strip x bits as, by design, th