all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Philipp Stephani <p.stephani2@gmail.com>
To: Lars Ingebrigtsen <larsi@gnus.org>
Cc: "Basil L. Contovounesios" <contovob@tcd.ie>,
	Glenn Morris <rgm@gnu.org>, Paul Eggert <eggert@cs.ucla.edu>,
	56359@debbugs.gnu.org
Subject: bug#56359: seccomp test failures on RHEL 9.0
Date: Tue, 18 Oct 2022 11:32:46 +0200	[thread overview]
Message-ID: <CAArVCkRELs6vEBY70WZ8gJ29_KogFYcukaJ8bRmUTWhKW-dq+Q@mail.gmail.com> (raw)
In-Reply-To: <87a662f8hb.fsf@gnus.org>

Am Di., 11. Okt. 2022 um 21:47 Uhr schrieb Lars Ingebrigtsen <larsi@gnus.org>:
>
> Paul Eggert <eggert@cs.ucla.edu> writes:
>
> > My "fix" involved allowing all uses of clone3, which (as Philipp noted
> > in August) is problematic. I'm not sure what's being tested for, but
> > if clone3 lets you evade the checks then the test is arguably more
> > trouble than it's worth. Would marking it as :unstable lessen the
> > number of false alarms we're getting? If not, perhaps we should remove
> > it or mark it as :dont-use-unless-you-know-what-youre-doing or
> > whatever.
>
> And pidfd_open also sounds like a non-safe call (without looking at it
> closely).
>
> Skimming the tests, they seem to test pretty basic functionality in the
> seccomp area -- that is, without allowing pidfd_open/clone3, nothing
> will be able to run using the seccomp functionality.  But since those
> are somewhat unsafe, then...  what's the point?

Neither pidfd_open nor clone3 are "unsafe". The concern is that clone3
might expand its functionality to eventually allow unsafe operations
like opening network sockets, and with its interface there's no way
for a seccomp filter to prevent that. One option might be to have
clone3 return ENOSYS, if the caller falls back to clone in that case.





  reply	other threads:[~2022-10-18  9:32 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-07-02 17:45 bug#56359: seccomp test failures on RHEL 9.0 Glenn Morris
2022-07-15 14:12 ` Philipp Stephani
2022-07-15 23:35   ` Glenn Morris
2022-07-16 10:50     ` Philipp Stephani
2022-08-20 12:37       ` Basil L. Contovounesios via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-11  0:54         ` Lars Ingebrigtsen
2022-10-11 12:36           ` Basil L. Contovounesios via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-11 17:43             ` Paul Eggert
2022-10-11 19:47               ` Lars Ingebrigtsen
2022-10-18  9:32                 ` Philipp Stephani [this message]
2022-10-06 16:56 ` Basil L. Contovounesios via Bug reports for GNU Emacs, the Swiss army knife of text editors
2022-10-07 11:56   ` Lars Ingebrigtsen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAArVCkRELs6vEBY70WZ8gJ29_KogFYcukaJ8bRmUTWhKW-dq+Q@mail.gmail.com \
    --to=p.stephani2@gmail.com \
    --cc=56359@debbugs.gnu.org \
    --cc=contovob@tcd.ie \
    --cc=eggert@cs.ucla.edu \
    --cc=larsi@gnus.org \
    --cc=rgm@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.