
Not at all, for example you can't implement the ratcheting down semantics of pledge() using seccomp. Say starting with a broader promise set "stdio rpath recvfd", and then dropping to "stdio" after full init.

pledge() can also be found in over 85% of OpenBSD's base system.
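The ratchet described above, as an added example that is not code from the thread: a C program pledges "stdio rpath recvfd" for initialisation and drops to "stdio" afterwards. OpenBSD's pledge(2) fails with EPERM when a call would add promises; the pledge_down(), has_word() and subset() helpers are my own and re-check that rule in user space, and the no-op pledge() stub for non-OpenBSD hosts is an assumption so the file builds where pledge() does not exist.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#ifdef __OpenBSD__
#include <unistd.h>   /* real pledge(2) */
#else
/* Assumed stand-in so the file builds elsewhere: enforces nothing. */
static int pledge(const char *p, const char *e) { (void)p; (void)e; return 0; }
#endif
static char current[256];   /* promise set currently in force; "" = none yet */

/* Is `word` one of the space-separated tokens in `list`? */
static int has_word(const char *list, const char *word)
{
    size_t n = strlen(word);
    for (const char *p = list; (p = strstr(p, word)) != NULL; p += n)
        if ((p == list || p[-1] == ' ') && (p[n] == '\0' || p[n] == ' '))
            return 1;
    return 0;
}
/* Is every promise in `sub` also present in `sup`? */
static int subset(const char *sub, const char *sup)
{
    char buf[256];
    strncpy(buf, sub, sizeof buf - 1); buf[sizeof buf - 1] = '\0';
    for (char *w = strtok(buf, " "); w != NULL; w = strtok(NULL, " "))
        if (!has_word(sup, w)) return 0;
    return 1;
}

/* Ratchet down to `promises`; like the kernel, refuse to widen (EPERM). */
int pledge_down(const char *promises)
{
    if (current[0] != '\0' && !subset(promises, current)) { errno = EPERM; return -1; }
    if (pledge(promises, NULL) == -1) return -1;
    strncpy(current, promises, sizeof current - 1); current[sizeof current - 1] = '\0';
    return 0;
}

int main(void)
{
    /* Init: config files (rpath) and a descriptor from a parent (recvfd). */
    if (pledge_down("stdio rpath recvfd") == -1) { perror("pledge"); return 1; }
    /* ... initialise ...; steady state needs nothing but stdio. */
    if (pledge_down("stdio") == -1) { perror("pledge"); return 1; }
    /* Regaining rpath later is refused with EPERM. */
    if (pledge_down("stdio rpath") == -1 && errno == EPERM) puts("widening refused");
    return 0;
}
```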



On Linux you can use firejail if it's necessary (or a container if it's needed).


This doesn't address what they just said - dropping privileges incrementally. Firejail is just a whole process filter applied at process start.


Brings me to the next question: are there Linux equivalents?


There's Capsicum for Linux[1]. It's a port of Capsicum[2] from FreeBSD to Linux. Capsicum was a joint project between the FreeBSD Foundation, Cambridge and Google to create a hybrid capabilities framework. But Capsicum allows developers to do the same privilege dropping that pledge does. However, Capsicum is more fine-grained than pledge, so it's less easy to use. Also, Capsicum for Linux is currently out of tree.

[1]: http://www.capsicum-linux.org/
[2]: https://www.freebsd.org/cgi/man.cgi?capsicum(4)


Link #1 is neat for Linux users, but Google seems to have stopped updating Capsicum after v4.11 (which was released April 2017).


Firejail is the closest I know.



