Page MenuHomeFreeBSD
Differential D7982

primes: trivially capsicumize
ClosedPublic
Actions

Authored by emaste on Sep 20 2016, 5:30 PM.
Tags
None
Referenced Files
F114309708: D7982.id20546.diff
Thu, Apr 10, 8:05 PM
Unknown Object (File)
Sun, Mar 30, 2:20 AM
Unknown Object (File)
Thu, Mar 27, 5:53 PM
Unknown Object (File)
Mar 6 2025, 3:31 AM
Unknown Object (File)
Jan 24 2025, 7:36 PM
Unknown Object (File)
Jan 22 2025, 6:57 AM
Unknown Object (File)
Jan 20 2025, 5:26 PM
Unknown Object (File)
Jan 17 2025, 4:53 PM
View All 89 Files
Subscribers
allanjude
bapt
cem
oshogbo
pjd

Details

Reviewers
cem
Commits
rS306502: primes: trivially capsicumize
Summary

Posting as an example of capsicumizing a trivial application that has little attack surface. As demonstrated with elfdump in D7944 some implementation-specific rights are required by stdio.

For applications like primes (and elfdump) the I think benefit in the simplicity of just entering capability mode (and dropping ambient authority) outweighs the few additional lines of code and possible maintainability cost of manipulating stdio rights.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste updated this revision to Diff 20546.Sep 20 2016, 5:30 PM
emaste retitled this revision from to primes: trivially capsicumize.
emaste updated this object.
emaste edited the test plan for this revision. (Show Details)
emaste added subscribers: cem, bapt, allanjude and 2 others.
cem added inline comments.Sep 20 2016, 6:11 PM
usr.bin/primes/primes.c
103 ↗(On Diff #20546)

This breaks open, which may be used below for localizing err*().

emaste planned changes to this revision.Sep 20 2016, 6:26 PM
emaste mentioned this in D7925: ministat(1): Capsicumify.
emaste updated this revision to Diff 20553.Sep 20 2016, 7:38 PM

cache NLS before cap_enter as pointed out by @cem

cem accepted this revision.Sep 20 2016, 7:43 PM
cem added a reviewer: cem.
This revision is now accepted and ready to land.Sep 20 2016, 7:43 PM
Closed by commit rS306502: primes: trivially capsicumize (authored by emaste). · Explain WhySep 30 2016, 1:51 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
usr.bin/
primes/
8 lines

Diff 20865

View Options

head/usr.bin/primes/primes.c

Loading...