[Ur] Seccomp for Ur/Web-generated binaries

ml at extensibl.com
Tue Mar 17 20:19:51 EDT 2015


On Tue, Mar 17, 2015 at 05:37:13PM -0400, Benjamin Barenblat wrote:
> Should we be thinking about seccomp for the binaries 'urweb' makes?
> 
> Seccomp is a Linux capabilities system that lets an application define
> and institute a policy for allowed system calls.  This is normally used
> to allow applications to JIT and execute untrusted code (most notably in
> Google Chrome), but it could also be a powerful tool to help mitigate
> exploits against Ur/Web CGI and FastCGI binaries.
> 
> Obviously, this would do nothing for OS X users, but OS X servers are
> sufficiently rare (and Linux-based servers are sufficiently common) that
> this could still be a net win.
> 
> What do you think – might modifying 'urweb'’s code generator to add
> seccomp to the binaries it produces be a good idea?
> 

Benjamin, 

Could you please explain why you propose to ignore Mac and BSD users and
divert Ur/Web focus to Linux-specific "features"?

What kind of "untrusted" code are you talking about in Ur/Web binaries?

Best regards,
Alexander





