
Domesticating applications, OpenBSD style

Posted Jul 22, 2015 10:12 UTC (Wed) by Lionel_Debroux (subscriber, #30014)
Parent article: Domesticating applications, OpenBSD style

On the one hand, it's a good thing that there's something simpler than SELinux and seccomp.
On the other hand, it's fairly coarse-grained, and would give some false sense of security... but it's not the first time OpenBSD implements a half-measure, as outlined by spender above.

Technically, why a single parameter of int type? Two int parameters, or a 64-bit parameter, would be more future-proof.



Domesticating applications, OpenBSD style

Posted Jul 22, 2015 12:36 UTC (Wed) by patrick_g (subscriber, #44470) [Link] (6 responses)

s/as outlined by spender above/as asserted (without proof) by spender above

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 13:05 UTC (Wed) by spender (guest, #23067) [Link] (5 responses)

Oh sorry, I forgot LWN readers require me to do all their homework for them:

Everything you want to know is here: https://grsecurity.net/~spender/exploits/exp_moosecox.c

To continue the "innovation" not mentioned there, they've recently also ripped off PAX_MPROTECT from 2001 (14 years late), labeled it "now or never exec":
http://www.tedunangst.com/flak/post/now-or-never-exec
with no mention anywhere of PAX_MPROTECT, despite being keenly aware of it since this famous thread: http://www.monkey.org/openbsd/archive/misc/0304/msg01146....
I guess they had to wait 12 years since that point to let their obvious hypocrisy be less visible about having to "break POSIX".

With the exception of perhaps the extension of privilege separation (already demonstrated in Postfix prior to Niels Provos' paper), not one original useful idea has come out of OpenBSD in 15 years, and it's time to stop feeding the delusions of these plagiarists.

-Brad

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 17:17 UTC (Wed) by SEJeff (guest, #51588) [Link] (4 responses)

So I've got to ask Brad, you hate OBSD security, you hate Linux security (which is fair), what system do you use? A heavily locked down PAX / grsecurity enabled Linux distro? As much as I see you pull the rug out from under so many of these security features, generally in Linux, I'm curious what you would consider to be "secure".

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 17:39 UTC (Wed) by patrick_g (subscriber, #44470) [Link] (3 responses)

Don't know what he's using now but at the time of this LinuxFR interview (http://linuxfr.org/nodes/24807/comments/1052695) he said:

I know this will probably upset some of your readers, but I actually
am running Windows 7 RC right now. Prior to that I had been running
Windows Vista. I haven't used Linux as a primary desktop since college
or so.

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 18:05 UTC (Wed) by PaXTeam (guest, #24616) [Link] (2 responses)

i'll see that interview and raise you https://microsoft.com/emet ;).

Domesticating applications, OpenBSD style

Posted Jul 22, 2015 18:26 UTC (Wed) by patrick_g (subscriber, #44470) [Link]

OK I fold :-)

Domesticating applications, OpenBSD style

Posted Jul 26, 2015 19:47 UTC (Sun) by ploxiln (subscriber, #58395) [Link]

Wow... so Brad cares 100% about security features and 0% about software quality... he cares so much about security (features, apparently) that he uses WINDOWS!

Just to state the obvious, MS / Windows had most "mitigation" features first, like ASLR and sandboxing, but it was just checkbox features to use for sales purposes, and didn't fix their security problems. There's always the most widely used software on the platform not opting into the security feature or opting out of it, like Flash plugin having a root-level helper service to get it out of the browser sandbox, or Acrobat Reader not opting into ASLR (and running JavaScript and such), or Office's VB macros and OLE hilariousness, or font kerning scripts running in the kernel. And to top it all off it's all closed source so there's no telling how much ridiculous crap is in there, and no one but Microsoft can do anything about it. Exploits for Windows continue to appear regularly in the wild, despite the industry-leading mitigation features.

Brad has good ideas, and does a lot of work to create working exploits, but has always come off as rather unbalanced in how he values different qualities of software, and wow does this confirm it. Wow.

Domesticating applications, OpenBSD style

Posted Jul 23, 2015 2:55 UTC (Thu) by busterb (subscriber, #560) [Link]

Why a single int in the first iteration? I asked the same thing directly: It was a challenge in simplicity, to find the minimum that could be useful, with the implicit warning that a call with dozens of flags is going to devolve from its goal of simplicity.

That said, tame is actively evolving beyond the description in this article, based on experience converting more programs to use it. It will likely take months to convert enough things in order to fully understand and refine all of the macro-level use cases.

Domesticating applications, OpenBSD style

Posted Jul 23, 2015 3:07 UTC (Thu) by thestinger (guest, #91827) [Link]

seccomp is very simple from an application's perspective. The libseccomp API is quite nice. Some projects roll their own BPF handling code (Firefox, Chromium, rr), but that's entirely their fault.

