Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-15 Thread Theo de Raadt
>What's the use for this? What program could use it?
EXACTLY. Any proposal like yours requires a justification, so SHOW a program which needs it right now. At least show one.
>On Sun, Apr 10, 2016 at 08:48:08AM -0700, Brennan Vincent wrote:
>> Subject basically says it all. I think some could

Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-11 Thread lists
Sun, 10 Apr 2016 14:23:02 -0700 Brennan Vincent
> Got it. Thanks for the explanation.
>
> On Sun, Apr 10, 2016, at 01:36 PM, Stuart Henderson wrote:
> > On 2016/04/10 20:50, Nicholas Marriott wrote:
> > > Hi
> > >
> > > What's the use for this? What program could use

Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-10 Thread Brennan Vincent
Got it. Thanks for the explanation.
On Sun, Apr 10, 2016, at 01:36 PM, Stuart Henderson wrote:
> On 2016/04/10 20:50, Nicholas Marriott wrote:
> > Hi
> >
> > What's the use for this? What program could use it?
> >
> > On Sun, Apr 10, 2016 at 08:48:08AM -0700, Brennan Vincent wrote:
> > >

Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-10 Thread Brennan Vincent
I imagine it could be used to provide rudimentary sandboxing (running untrusted or partially-trusted code and limiting what it is allowed to access). Let me know if I am mistaken.
On Sun, Apr 10, 2016, at 12:50 PM, Nicholas Marriott wrote:
> Hi
>
> What's the use for this? What program could use

Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-10 Thread Stuart Henderson
On 2016/04/10 20:50, Nicholas Marriott wrote:
> Hi
>
> What's the use for this? What program could use it?
>
> On Sun, Apr 10, 2016 at 08:48:08AM -0700, Brennan Vincent wrote:
> > Subject basically says it all. I think some could find it useful to have
> > `pledge` promises optionally persist

Re: Any reason there's no way to persist pledge(2) state across exec?

2016-04-10 Thread Nicholas Marriott
Hi
What's the use for this? What program could use it?
On Sun, Apr 10, 2016 at 08:48:08AM -0700, Brennan Vincent wrote:
> Subject basically says it all. I think some could find it useful to have
> `pledge` promises optionally persist even after the process calls
> execve. This could, for

Any reason there's no way to persist pledge(2) state across exec?

2016-04-10 Thread Brennan Vincent
Subject basically says it all. I think some could find it useful to have `pledge` promises optionally persist even after the process calls execve. This could, for example, be implemented with an `exec_noreset` pledge that gives access to the same syscalls as `exec`, but with this restricted