From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, NICE_REPLY_A autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 11276 invoked from network); 4 May 2022 17:59:29 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 4 May 2022 17:59:29 -0000 Received: from mail.posixcafe.org ([45.76.19.58]) by 9front; Wed May 4 13:57:49 -0400 2022 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=posixcafe.org; s=20200506; t=1651687064; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=gdzUQsyGO0Ig54rH+mtfXojogi/fHjCieB1cYb5MLxo=; b=Q9qXsRAWzq8Y8UV+8BQUDBfBK/ejNzN40zuaMUM+V44tJ7gtx7vsdCLHLiQbC1HFrPYKw4 ij8H2qUz/MTYp1O+5zdvsn6w+OYl3nWnPWmD/ehEvO4hmZsyhdnNDENldLtT8yKQTp2I5M SKXYSkijx4GhSLN79ifJYRRYbtcmUnM= Received: from [192.168.168.200] (161-97-228-135.lpcnextlight.net [161.97.228.135]) by mail.posixcafe.org (OpenSMTPD) with ESMTPSA id c27f9723 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for <9front@9front.org>; Wed, 4 May 2022 12:57:44 -0500 (CDT) Message-ID: <67c5f9b0-7152-7c2f-dd4d-e3354f4e9aff@posixcafe.org> Date: Wed, 4 May 2022 11:55:37 -0600 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1 Content-Language: en-US To: 9front@9front.org References: <93d9e23ef139bbf6@orthanc.ca> From: Jacob Moody In-Reply-To: <93d9e23ef139bbf6@orthanc.ca> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: YAML over ActivityPub STM-aware DOM locator Subject: Re: [9front] [PATCH] Unmount to remove sharp devices. Reply-To: 9front@9front.org Precedence: bulk On 5/4/22 11:41, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote: >> git/serve? rc-httpd? maybe some other daemons >> could use some sandboxing. > > The FTP and TFTP servers are obvious targets. But what would be > really cool is if this could be integrated into the namespace > files. That way you could set up the namespace for something like > FTP, and then remove the ability to mount #foo without having to > touch the FTP code itself. I could see myself using this all over > the place. > > --lyndon This is already true to some extent as is with this patch. Adding an 'unmount #e' to your namespace file will remove access to #e as is. However I want to look a bit more at doing the inverse operation, so you could say something like "permit #e #| #p" and have it block all non listed devices in the namespace file. I think that is more useful to think about and avoids 10 lines of manually selecting drivers to shoot. Perhaps a new /lib/namespace.service could become the default for networked services. Either way, with the kernel modifications passing the sniff test, I will spend some time seeing how to integrate this change in to existing daemons. Thanks, moody