Dmitrii Kuvaiskii
> The new design assumes `sgx.file_check_policy = "allow_all_but_log"` is not necessary. Is it? This is necessary. People use it quite often.
> And, if we can afford it, this will treat unknown files as openable but still read-only. Yes, I think this is reasonable. People can always just use `type =...
> With normal passthrough, we won't be able to see which file is accessed from the runtime log. Perhaps we can also add policy = "allow_all_but_log" to passthrough mounts as...
Just a note before I forget it again: after this redesign is done, and the documentation https://gramine.readthedocs.io/en/latest/manifest-syntax.html is updated, we must **move the syntax descriptions** from under SGX syntax to...
Thanks @bigdata-memory for the detailed description and the links! I'll need to go through these links to understand the Amber design and APIs specifically (which I wanted to do anyway)....
Looking at this again, I have some questions for @bigdata-memory: 1. It seems that the only difference between Case 1 ("Static Mode") and Case 3 ("Fix Mode") is: Case 1...
@bigdata-memory Do we want to discuss this Amber proposal in one of the upcoming Gramine meetings (on Tuesdays)?
> This is a wrong/misleading term, as Gramine is not overriding anything. It's a separate operating system, and the plan is to emulate these files based on whatever we gathered...
> Maybe `passthrough_sanitized_resolv_conf` manifest option? Could you expand what exactly this option is supposed to do? Is it a boolean? Does it only pertain to the `resolv.conf` file, what about...
[Discussion notes in the core meeting](https://github.com/gramineproject/gramine/discussions/716): Woju's proposal of hard-coded `sgx.trusted_files.content` is **rejected** (may be useful for other things, but not as a solution to the current problem): - Because...