Date: Wed, 11 May 2022 10:50:44 -0600
To: 9front@9front.org
From: Jacob Moody
Subject: Re: [9front] [PATCH] kernel: disallow executing from #| or #d

On 5/11/22 10:32, Amavect wrote:
> If we don't decide on that route,
> then devpipe should disallow wstat.

The roundabout way of checking for permission bits was my first pass at removing
this capability. I am much more in favor of just disabling wstat for devpipe personally.
If you did want to make one end of a pipe read only or write only, doing it through wstat
feels obtuse due to the attach semantics.

>
>> RFNOMNT does not remove access to #|, #d, #e, #c, or #p
> That's what I get for only reading the man page without testing.

Yeah the man page should not lie, how's this instead?

thanks,
moody

diff 51669adf2446385b38bab4efcb4133c19e9be806 uncommitted --- a//sys/man/2/fork +++ b//sys/man/2/fork @@ -70,9 +70,16 @@ .TP .B RFNOMNT If set, subsequent mounts into the new name space and dereferencing -of pathnames starting with +of most pathnames starting with .B # -are disallowed. +are disallowed. Specifically +.IR pipe(3) , +.IR dup(3) , +.IR env(3) , +.IR cons(3) , +and +.IR proc(3) +are still permitted. .TP .B RFENVG If set, the environment variables are copied;
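
Review bot: The added list in the RFNOMNT paragraph names the exempt devices only by man page (pipe(3), dup(3), env(3), cons(3), proc(3)), while the sentence it extends is about pathnames starting with #, so a reader deciding what a process under RFNOMNT can still reach has to map each page back to its device character. Consider giving the characters from the thread as well (#|, #d, #e, #c, #p) and saying plainly that RFNOMNT alone does not cut off these devices. Separately, `.IR pipe(3) ,` passes pipe(3) as a single argument, so the section number is set in italic along with the name; `.IR pipe (3),` keeps the (3) in roman, and starting "Specifically" on its own source line would keep the new sentence off the `+are disallowed.` line.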