[Ur] Seccomp for Ur/Web-generated binaries

Benjamin Barenblat bbaren at mit.edu
Tue Mar 17 17:37:13 EDT 2015


Should we be thinking about seccomp for the binaries 'urweb' makes?

Seccomp is a Linux capabilities system that lets an application define
and institute a policy for allowed system calls.  This is normally used
to allow applications to JIT and execute untrusted code (most notably in
Google Chrome), but it could also be a powerful tool to help mitigate
exploits against Ur/Web CGI and FastCGI binaries.

Obviously, this would do nothing for OS X users, but OS X servers are
sufficiently rare (and Linux-based servers are sufficiently common) that
this could still be a net win.

What do you think – might modifying 'urweb'’s code generator to add
seccomp to the binaries it produces be a good idea?

—Benjamin