On 06.07.22 at 15:18, Alois Wohlschlager wrote:
> Well, vim at least actually had a quite big security hole with its modeline feature. IIRC, it's removed now, but sandboxing vim is still not a bad idea.

Well, like, I do not disagree, but I wanted to make the difference a little bit more apparent. But yeah, sometimes vim could also be a problem, but not as serious as most GUI-with-network-programs-which-only-calculate-dates.

Sadly we do not have a mechanism like pledge (from OpenBSD) where an application could state "after that stage, I just need read privileges on THOSE directories" and the OS drops privileges for the rest.

> The Linux kernel offers seccomp (~pledge, but per-syscall) and landlock (~unveil, but subtractive and taking access mode into account). Sadly, not many applications make use of them.

Exactly. We need Landlock in every base system for that. AND: people have to accept seccomp. Many do not like containers, why should they accept seccomp?

Kind regards,
Dennis Knorr

--
Dennis Knorr, dennis.knorr@suse.com
SUSE Software Solutions Germany GmbH
Frankenstraße 146, 90461 Nürnberg, Germany
Geschäftsführer: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman
(HRB 36809, AG Nürnberg)
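As an added illustration of the pledge/unveil-style restriction discussed in this thread (example code, not from either poster or from any project): a process uses Landlock (Linux 5.13+, ABI v1) to keep only read access beneath one directory. The helper names (`restrict_to_readonly`, `readonly_access`, `landlock_abi_version`) and the `LL_` constants are this example's own; the constants mirror the kernel's `<linux/landlock.h>` values and the syscalls are invoked directly so it builds without a libc wrapper.

```c
/* Added example: Landlock read-only view beneath one directory (ABI v1). */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_landlock_create_ruleset          /* arch-independent numbers */
#define SYS_landlock_create_ruleset 444
#define SYS_landlock_add_rule 445
#define SYS_landlock_restrict_self 446
#endif
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#endif
#define LL_CREATE_RULESET_VERSION (1U << 0)  /* LANDLOCK_CREATE_RULESET_VERSION */
#define LL_RULE_PATH_BENEATH 1               /* LANDLOCK_RULE_PATH_BENEATH */
#define LL_FS_READ_FILE (1ULL << 2)          /* LANDLOCK_ACCESS_FS_READ_FILE */
#define LL_FS_READ_DIR  (1ULL << 3)          /* LANDLOCK_ACCESS_FS_READ_DIR */
#define LL_FS_ABI1_ALL  ((1ULL << 13) - 1)   /* all 13 filesystem rights of ABI v1 */

/* Layouts mirror struct landlock_ruleset_attr / landlock_path_beneath_attr. */
struct ll_ruleset_attr { uint64_t handled_access_fs; };
struct ll_path_beneath_attr { uint64_t allowed_access; int32_t parent_fd; } __attribute__((packed));

/* Landlock ABI version, or -1 when the kernel (or an outer sandbox) refuses it. */
int landlock_abi_version(void) {
    return (int)syscall(SYS_landlock_create_ruleset, NULL, 0, LL_CREATE_RULESET_VERSION);
}

/* The only rights kept: read file contents and list directories. */
uint64_t readonly_access(void) { return LL_FS_READ_FILE | LL_FS_READ_DIR; }

/* Handle every ABI v1 right (subtractive: unhandled rights stay allowed), then
 * allow only readonly_access() beneath `dir`. Returns 0 or -errno. Once applied
 * the restriction is irreversible for this process and inherited by children. */
int restrict_to_readonly(const char *dir) {
    struct ll_ruleset_attr attr = { .handled_access_fs = LL_FS_ABI1_ALL };
    int ruleset = (int)syscall(SYS_landlock_create_ruleset, &attr, sizeof attr, 0);
    if (ruleset < 0) return -errno;                 /* ENOSYS/EOPNOTSUPP: no Landlock */
    int dirfd = open(dir, O_PATH | O_CLOEXEC);
    if (dirfd < 0) { int e = errno; close(ruleset); return -e; }
    struct ll_path_beneath_attr rule = { .allowed_access = readonly_access(), .parent_fd = dirfd };
    int rc = (int)syscall(SYS_landlock_add_rule, ruleset, LL_RULE_PATH_BENEATH, &rule, 0);
    if (rc == 0) rc = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); /* required by restrict_self */
    if (rc == 0) rc = (int)syscall(SYS_landlock_restrict_self, ruleset, 0);
    int err = rc ? errno : 0;
    close(dirfd);
    close(ruleset);
    return -err;
}
```

Call `restrict_to_readonly("/path/to/data")` once initialisation is done; afterwards any `open()` for writing or file creation beneath that directory, and any access outside it, fails with EACCES, while a failure to even create the ruleset tells you the kernel lacks Landlock.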