Tuesday, December 10, 2019

Re: UPDATE: www/mozilla-firefox U2F/FIDO support (WebAuthn)

Landry Breuil <landry@openbsd.org> wrote:

> On Tue, Dec 10, 2019 at 10:18:37AM -0700, Theo de Raadt wrote:
> > Landry Breuil <landry@openbsd.org> wrote:
> >
> > > Well, I managed to have a 'video' pledge class, so you can probably get
> > > an 'uhidioctl' class :)
> >
> > I still feel the addition of 'video' pledge was an abuse of the concept.
> >
> > firefox has done a pretty weak version of privsep that requires a
> > 'master process' to have nearly all the pledges. The pledge options are
> > designed to encourage best-practice privsep, but firefox wants to
> > operate a master process with such a vast subset of full-posix, it is as
> > if it doesn't use pledge at all.
> >
> > It is similar with unveil, with this new diff. That process wants to
> > use a library which accesses many tens of files. This new subsystem
> > hasn't been separated out into a process with a specific purpose.
>
> I've been told they welcome new contributors sending patches :)

Landry,

This is a technical discussion. You don't need to inject such attitude.
I would be happy to take the pledge design back to its original concept
where it influences design rather than rolls on its back, and leave you to
cope with it in firefox, probably by turning off all the vague security
attempts.
