[Ur] Seccomp for Ur/Web-generated binaries
Timothy Beyer
beyert at fastmail.net
Wed Mar 18 00:31:02 EDT 2015
At Wed, 18 Mar 2015 13:19:51 +1300,
ml at extensibl.com wrote:
>
> On Tue, Mar 17, 2015 at 05:37:13PM -0400, Benjamin Barenblat wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA512
> >
> > Should we be thinking about seccomp for the binaries 'urweb' makes?
> >
> > Seccomp is a Linux capabilities system that lets an application define
> > and institute a policy for allowed system calls. This is normally used
> > to allow applications to JIT and execute untrusted code (most notably in
> > Google Chrome), but it could also be a powerful tool to help mitigate
> > exploits against Ur/Web CGI and FastCGI binaries.
> >
> > Obviously, this would do nothing for OS X users, but OS X servers are
> > sufficiently rare (and Linux-based servers are sufficiently common) that
> > this could still be a net win.
> >
> > What do you think – might modifying 'urweb'’s code generator to add
> > seccomp to the binaries it produces be a good idea?
> >
>
> Benjamin,
>
> Could you please explain why you propose to ignore Mac and BSD users and
> divert Ur/Web focus to Linux-specific "features"?
>
> What kind of "untrusted" code are you talking about in Ur/Web binaries?
>
> Best regards,
> Alexander
>
I have to second Alexander here, as I'm a FreeBSD user, but so long as Ur/Web is easy to compile on non-Linux platforms, I have no problem with such support (provided that someone is willing to write a code generator for such a binary).
Regards,
Tim
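
The allow-list policy described in Benjamin's quoted message, sketched as an added example (not part of this thread and not Ur/Web code): it builds a classic-BPF seccomp filter and dry-runs it in user space over constructed `seccomp_data` records instead of installing it. The four allowed syscalls, the x86-64 target and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#define NATIVE_ARCH AUDIT_ARCH_X86_64 /* assumed target architecture */
/* Assumed allow-list; not the syscall set Ur/Web binaries really need. */
static const long allowed[] = { SYS_read, SYS_write, SYS_close, SYS_exit_group };
#define N_ALLOWED (sizeof allowed / sizeof allowed[0])

/* Emit: check arch, load syscall nr, one compare per allowed call, default kill. */
size_t build_filter(struct sock_filter *prog) {
    size_t n = 0;
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    prog[n++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 1, 0);
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t i = 0; i < N_ALLOWED; i++) {
        prog[n++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)allowed[i], 0, 1);
        prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    prog[n++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);
    return n;
}

/* User-space dry run; handles only the three opcodes build_filter emits. */
uint32_t run_filter(const struct sock_filter *prog, size_t len, const struct seccomp_data *sd) {
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct sock_filter *f = &prog[pc];
        if (f->code == (BPF_LD | BPF_W | BPF_ABS)) memcpy(&acc, (const char *)sd + f->k, sizeof acc);
        else if (f->code == (BPF_JMP | BPF_JEQ | BPF_K)) pc += (acc == f->k) ? f->jt : f->jf;
        else return f->code == (BPF_RET | BPF_K) ? f->k : SECCOMP_RET_KILL;
    }
    return SECCOMP_RET_KILL; /* fell off the end: fail closed */
}

/* Verdict for one constructed (arch, syscall nr) pair; nothing is installed. */
uint32_t verdict(uint32_t arch, long nr) {
    struct sock_filter prog[5 + 2 * N_ALLOWED];
    struct seccomp_data sd = { .nr = (int)nr, .arch = arch };
    return run_filter(prog, build_filter(prog), &sd);
}

int main(void) {
    printf("read=%#x execve=%#x\n", verdict(NATIVE_ARCH, SYS_read), verdict(NATIVE_ARCH, SYS_execve));
    return 0;
}
```

To enforce such a filter, a process sets `PR_SET_NO_NEW_PRIVS` and then passes the program to `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ...)`; the dry run only shows which calls the policy would permit.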