From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FROM,T_SCC_BODY_TEXT_LINE autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 29477 invoked from network); 15 May 2022 02:47:29 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 15 May 2022 02:47:29 -0000
Received: from mail-il1-f179.google.com ([209.85.166.179]) by 9front; Sat May 14 22:45:58 -0400 2022
Received: by mail-il1-f179.google.com with SMTP id n6so8330078ili.7
        for <9front@9front.org>; Sat, 14 May 2022 19:45:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=date:from:to:subject:message-id:in-reply-to:references:organization
         :mime-version:content-transfer-encoding;
        bh=6nq/XeIBKW/FCs2HneoUx0TY717kuwKI1vFlLOkdO4E=;
        b=nAe6x94+P5AFNLMyYNVrVOvftIHXAIQ/OLLcTGlUMw7HiKbQBJO31tnZWH6ojuveoI
         UvLKu+6+0wJtQKilMUDG2sJw6mjWtTfICHGHK7MSxnxrn+ssxgwwn7o1+Xyabqp1/kWm
         Ut7K5Y+Ny9cvfyUi4yQ1LupH4qaBR1qa2J36ZWsxLU9jOOO98eSJgOXGKXiSs/2O2gpt
         pDOreMuZ8OuY8I5+ARZu9aYkALeCRmIwhjEyN8gYCN39OFu+dPeTdU7QBjL1gm9b/BrZ
         u5SCH0evK/hMYjs1v38jHiLE6zz8phtRzIp1QyhOj7VRlAhcamtyM0lfwV/do0/9g9ai
         dXnA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to
         :references:organization:mime-version:content-transfer-encoding;
        bh=6nq/XeIBKW/FCs2HneoUx0TY717kuwKI1vFlLOkdO4E=;
        b=b8hHb4FzzK9O2ZTDK+EjGYGHsdEfwutDLn6AnJCFyTpcTbLe808tW+q4CPtuRP9FWV
         KUal34m4T/wz22Si/afgcj2Qs1J0513RDUAO3/9YpOOQHJJIWBbS1XX6tg9tBCc/e8ny
         2Yl2IP5zCYNGRqx0zG9bYokUg7o9iLC4iof5SeO6DTNEYflLvcgYgfdRUG0j9Wti9Vd/
         v1zr7dbD0/PE+hqLsZRgFwm2auuwb6ZGBLAHvPXXmW1wNCh0EPQ+RrdDyJR/CCxwp3d8
         GboWlEdNWRmMY9qs3ALybe7rUDmob9gS0ayGYPDfsFWbL4fA/kZGpKpuFuX7sBcLoC2A
         0ydg==
X-Gm-Message-State: AOAM531aC2z36u2jR34ypENknsS3ZS9BbQ+QLmbZPoy/yiIpT5u8BD2s
	QHduY6bUJGy69qiId8vzwTlkDdcMTw0=
X-Google-Smtp-Source: ABdhPJzw98kyrZj710f1pLllQMvAo79aqhEgB6gauFCL3lgyJGpGNjHwGZjuRrNZqg8LG9XeXvaX/w==
X-Received: by 2002:a05:6e02:1d98:b0:2cf:5d:e4fa with SMTP id h24-20020a056e021d9800b002cf005de4famr6230751ila.80.1652582752869;
        Sat, 14 May 2022 19:45:52 -0700 (PDT)
Return-Path: <amavect@gmail.com>
Received: from spruce.localdomain ([2601:246:4e03:dc20::43d])
        by smtp.gmail.com with ESMTPSA id 128-20020a6b1486000000b0065a47e16f5bsm1667379iou.45.2022.05.14.19.45.52
        for <9front@9front.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 14 May 2022 19:45:52 -0700 (PDT)
Date: Sat, 14 May 2022 21:43:11 -0500
From: Amavect <amavect@gmail.com>
To: 9front@9front.org
Message-ID: <20220514214311.2da3632d@spruce.localdomain>
In-Reply-To: <004c4a6d-957d-1623-9b5d-2f6bbf940f24@posixcafe.org>
References: <77567FF86B34A592067F8FA1ADD7F3C6@eigenstate.org>
	<b0efb91e-7ffc-1e24-0529-f6f6b47bad0e@posixcafe.org>
	<89328B14-29CE-4D30-AFAD-672900E2699D@gmail.com>
	<0718a4ed-dd38-06f5-2071-6d2ded50b7fa@posixcafe.org>
	<0BBC7720-2562-4C73-9153-0A37CF503820@gmail.com>
	<c868d55b-2493-db66-740b-17e606a3b99a@posixcafe.org>
	<2248A216-6C8C-4C58-AD4A-5D4D2BAAED14@gmail.com>
	<004c4a6d-957d-1623-9b5d-2f6bbf940f24@posixcafe.org>
Organization: Amavect Industries
X-Mailer: Claws Mail 4.1.0 (GTK 3.24.33; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: encrypted progressive API just-in-time SQL over HTML CMS framework 
Subject: Re: [9front] [PATCH] kernel: disallow executing from #| or #d
Reply-To: 9front@9front.org
Precedence: bulk

On Wed, 11 May 2022 10:50:44 -0600
Jacob Moody <moody@mail.posixcafe.org> wrote:

> The roundabout way of checking for permission bits was
> my first pass at removing this capability. I am much
> more in favor of just disabling wstat for devpipe
> personally. If you did want to make one end
> of a pipe read only or write only, doing it through
> wstat feels obtuse due to the attach semantics.

Fair enough. I'm all for it now.
Just make sure #| stat has mode 666 since user none can read it despite
saying mode 600.

> Yeah the man page should not lie, how's this instead?

The .IR parts are off. The (3)s need to be R. See below.
(you already committed yours, whoops)

Thanks,
Amavect


diff 51669adf2446385b38bab4efcb4133c19e9be806 uncommitted
--- a//sys/man/2/fork
+++ b//sys/man/2/fork
@@ -70,9 +70,16 @@
 .TP
 .B RFNOMNT
 If set, subsequent mounts into the new name space and dereferencing
-of pathnames starting with
+of most pathnames starting with
 .B #
-are disallowed.
+are disallowed. Specifically
+.IR pipe (3),
+.IR dup (3),
+.IR env (3),
+.IR cons (3),
+and
+.IR proc (3)
+are still permitted.
 .TP
 .B RFENVG
 If set, the environment variables are copied;