tlsdate
Sandboxing on other platforms
Hi,
what do you think about reducing the attack surface on OS X as well (and not only on Linux with seccomp)?
There is a "sandbox facility" in OS X:
SANDBOX(7) BSD Miscellaneous Information Manual SANDBOX(7)
NAME
sandbox -- overview of the sandbox facility
SYNOPSIS
#include <sandbox.h>
DESCRIPTION
The sandbox facility allows applications to voluntarily restrict their access to
operating system resources. This safety mechanism is intended to limit potential
damage in the event that a vulnerability is exploited. It is not a replacement for
other operating system access controls.
New processes inherit the sandbox of their parent. Restrictions are generally
enforced upon acquisition of operating system resources only. For example, if file
system writes are restricted, an application will not be able to open(2) a file for
writing. However, if the application already has a file descriptor opened for
writing, it may use that file descriptor regardless of restrictions.
SEE ALSO
sandbox-exec(1), sandbox_init(3), sandboxd(8)
Mac OS X January 29, 2010 Mac OS X
We could probably also take other ideas and code from Chrome? https://www.chromium.org/developers/design-documents/sandbox/osx-sandboxing-design
What do you think? Ideas, suggestions?
Cheers, Clemens
On 12/10/15, Clemens Gruber [email protected] wrote:
Hi,
what do you think about reducing the attack surface on OS X as well (and not only on Linux with seccomp)?
There is a "sandbox facility" in OS X:
SANDBOX(7) BSD Miscellaneous Information Manual SANDBOX(7)
NAME
sandbox -- overview of the sandbox facility
SYNOPSIS
#include <sandbox.h>
DESCRIPTION
The sandbox facility allows applications to voluntarily restrict their access to
operating system resources. This safety mechanism is intended to limit potential
damage in the event that a vulnerability is exploited. It is not a replacement for
other operating system access controls.
New processes inherit the sandbox of their parent. Restrictions are generally
enforced upon acquisition of operating system resources only. For example, if file
system writes are restricted, an application will not be able to open(2) a file for
writing. However, if the application already has a file descriptor opened for
writing, it may use that file descriptor regardless of restrictions.
SEE ALSO
sandbox-exec(1), sandbox_init(3), sandboxd(8)
Mac OS X January 29, 2010 Mac OS X
We could probably also take other ideas and code from Chrome? https://www.chromium.org/developers/design-documents/sandbox/osx-sandboxing-design
What do you think? Ideas, suggestions?
I'd very much like to use OS X sandboxing. I don't have a Mac OS X device that would be useful here. If you want to submit a patch, we can have someone else help with the review, I'm open to reviewing it also.
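The following is an added example, not code from tlsdate or from either message in this thread, illustrating the rule the quoted sandbox(7) text states: restrictions are enforced when a resource is acquired, so anything a process still needs to write to must be opened before it calls sandbox_init(3). It uses the real sandbox_init(3) API with Apple's named kSBXProfileNoWrite profile and the SANDBOX_NAMED flag; on non-Apple systems the sandbox call compiles to a stub that reports "unsupported" so the rest of the program still builds and runs. The scratch file path, the result struct and the function names are constructed for this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifdef __APPLE__
#include <sandbox.h>   /* sandbox_init(3), kSBXProfileNoWrite, SANDBOX_NAMED */
#endif

enum { SBX_OK = 0, SBX_FAILED = -1, SBX_UNSUPPORTED = -2 };

/* Result record for the demonstration below (constructed for this example). */
struct sbx_result {
    int sandbox_rc;        /* SBX_OK, SBX_FAILED or SBX_UNSUPPORTED */
    int early_fd_ok;       /* 1 if write(2) on the descriptor opened before sandboxing worked */
    int late_open_failed;  /* 1 if open(2) for writing after sandboxing was refused */
    int late_open_errno;   /* errno from that refused open(2), 0 if it succeeded */
};

/* Voluntarily give up file-system writes for the rest of this process
 * (and any children it spawns) using Apple's named "no write" profile.
 * Everything the process still needs to write to must already be open. */
int enter_no_write_sandbox(void)
{
#ifdef __APPLE__
    char *err = NULL;
    if (sandbox_init(kSBXProfileNoWrite, SANDBOX_NAMED, &err) != 0) {
        fprintf(stderr, "sandbox_init: %s\n", err ? err : "unknown error");
        sandbox_free_error(err);
        return SBX_FAILED;
    }
    return SBX_OK;
#else
    return SBX_UNSUPPORTED;   /* no OS X sandbox on this platform; stub for portability */
#endif
}

/* Acquire the output file first, then sandbox, then try both kinds of access. */
struct sbx_result run_sandbox_demo(void)
{
    struct sbx_result r = {SBX_UNSUPPORTED, 0, 0, 0};
    char path[] = "/tmp/sbx_demo_XXXXXX";   /* constructed scratch file template */

    int early_fd = mkstemp(path);            /* opened BEFORE the restriction */
    if (early_fd < 0) {
        perror("mkstemp");
        return r;
    }

    r.sandbox_rc = enter_no_write_sandbox();

    /* Already-open descriptor: usable regardless of the restriction. */
    const char msg[] = "written through a pre-sandbox descriptor\n";
    r.early_fd_ok = (write(early_fd, msg, sizeof msg - 1) == (ssize_t)(sizeof msg - 1));
    close(early_fd);

    /* New acquisition: refused once writes are sandboxed (succeeds where no sandbox is active). */
    int late_fd = open(path, O_WRONLY | O_APPEND);
    if (late_fd < 0) {
        r.late_open_failed = 1;
        r.late_open_errno = errno;
    } else {
        close(late_fd);
    }

    /* Cleanup; under the no-write profile this unlink is itself refused and the
     * scratch file stays behind, which is harmless for the demonstration. */
    unlink(path);
    return r;
}

int main(void)
{
    struct sbx_result r = run_sandbox_demo();
    printf("sandbox_rc=%d early_fd_ok=%d late_open_failed=%d (%s)\n",
           r.sandbox_rc, r.early_fd_ok, r.late_open_failed,
           r.late_open_failed ? strerror(r.late_open_errno) : "open succeeded");
    return 0;
}
```

On OS X the pre-opened descriptor accepts the write while the second open(2) is refused; the same ordering constraint is what makes a later seccomp or sandbox_init call safe to add to a program like tlsdate: open sockets, log files and any state file first, then drop privileges, then do the untrusted work.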