From: "Joshua M. Clulow" <josh@sysmgr.org>
To: illumos-developer <developer@lists.illumos.org>
Subject: Re: [developer] Sandboxing applications
Date: Fri, 12 Jul 2024 12:00:03 -0700
Message-ID: <CAEwA5n+uNpi-yqGhX4UyQjq0j=zi_3dPH7NfCBSAvoMomruWpw@mail.gmail.com>
In-Reply-To: <CAEgYsbFuym0gw8EvsFw49W8wJzN-nwFD+h9_TLQOJAw-B_-T8A@mail.gmail.com>

On Fri, 12 Jul 2024 at 02:15, Peter Tribble <peter.tribble@gmail.com> wrote:
> You could use ppriv to limit application privileges, which provides some of the sandboxing
> capability. One thing we don't have as far as I'm aware is the ability to restrict access to a
> list of files, which would be convenient.

I've talked with some folks recently about this, in particular. We
could probably add a compatible implementation of the "Extended
Policy" facility that was added after the gate closed. It integrates
with the existing privileges(5) stuff, but with constrained targets;
e.g.,

- file_dac_read supports globs on file paths
- net_privaddr supports nominating specific TCP or UDP port numbers
- proc_setid allows a process to change to a specific range of UIDs

--
Joshua M. Clulow
http://blog.sysmgr.org
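
Added example, not part of the original message and not illumos or Solaris code: a small Python model of how constrained targets narrow the three privileges listed in the message above, failing closed on anything that does not match. The policy layout, the function names and all sample values are constructed for illustration; the message does not give the real rule syntax.

```python
import posixpath
from fnmatch import fnmatchcase

# Constructed policy: each privilege name maps to the targets it is limited to.
POLICY = {
    "file_dac_read": ["/var/app/conf/*.conf"],    # path globs
    "net_privaddr": [(443, "tcp"), (53, "udp")],  # (port, protocol) pairs
    "proc_setid": [range(1000, 1100)],            # permitted UID ranges
}


def path_matches(pattern, path):
    """Glob-match one path component at a time, so '*' never crosses a '/'."""
    # Collapse '.' and '..' lexically before matching. A real kernel check
    # would work on the resolved file, which also covers symlinks.
    path = posixpath.normpath(path)
    p_parts, t_parts = pattern.split("/"), path.split("/")
    return len(p_parts) == len(t_parts) and all(
        fnmatchcase(t, p) for p, t in zip(p_parts, t_parts)
    )


def allowed(policy, priv, target):
    """Return True only if priv is granted and target matches a constraint."""
    constraints = policy.get(priv)
    if constraints is None:
        return False  # privilege not granted at all
    if priv == "file_dac_read":
        return any(path_matches(c, target) for c in constraints)
    if priv == "net_privaddr":
        return target in constraints
    if priv == "proc_setid":
        return any(target in r for r in constraints)
    return False  # unknown constraint type: deny


if __name__ == "__main__":
    for priv, target in [
        ("file_dac_read", "/var/app/conf/db.conf"),
        ("file_dac_read", "/var/app/conf/../../../etc/shadow"),
        ("net_privaddr", (443, "tcp")),
        ("net_privaddr", (80, "tcp")),
        ("proc_setid", 1005),
        ("proc_setid", 0),
    ]:
        print(priv, target, allowed(POLICY, priv, target))
```
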