			
		
		
		
	Add seccomp bpf sandboxing to redbean
It's now possible to pass the `-S` or `-SS` flags to sandbox redbean worker processes after they've been forked. The first `-S` flag is intended to be a permissive builtin policy that limits system calls to only that which the various parts of redbean serving need. The second `-SS` flag is intended to be more restrictive, preventing things like the Lua extensions you download off the web from using the HTTP client or sockets APIs. In upcoming changes you'll be able to implement your own Berkeley Packet Filter sandbox programs and load them via Lua.
		
							parent
							
								
									7166679620
								
							
						
					
					
						commit
						5a132f9652
					
				
					 79 changed files with 2271 additions and 651 deletions
				
			
		|  | @ -19,7 +19,6 @@ | |||
| #include "libc/assert.h" | ||||
| #include "libc/bits/bits.h" | ||||
| #include "libc/bits/weaken.h" | ||||
| #include "libc/calls/issandboxed.h" | ||||
| #include "libc/calls/strace.internal.h" | ||||
| #include "libc/macros.internal.h" | ||||
| #include "libc/runtime/runtime.h" | ||||
|  | @ -118,7 +117,7 @@ static struct SymbolTable *GetSymbolTableFromElf(void) { | |||
| struct SymbolTable *GetSymbolTable(void) { | ||||
|   int ft, st; | ||||
|   struct Zipos *z; | ||||
|   if (!g_symtab && !__issandboxed) { | ||||
|   if (!g_symtab && !__isworker) { | ||||
|     ft = g_ftrace, g_ftrace = 0; | ||||
|     st = __strace, __strace = 0; | ||||
|     if (weaken(__zipos_get) && (z = weaken(__zipos_get)())) { | ||||
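Review bot: The `!__isworker` guard in GetSymbolTable() no longer tracks whether a syscall filter is actually installed, and there is no comment saying why worker status is the right test. From the visible lines the guarded branch starts the lazy load through `__zipos_get`, which presumably needs file and mapping syscalls that a restrictive filter would refuse. With this condition a process that is filtered but not flagged as a worker would still attempt the load, while a worker started without `-S` silently loses lazy symbol loading. If the intent is that the parent loads the table before forking, I would state it above the `if`, e.g. `/* workers may run under a seccomp filter: never lazy-load here, the parent must load symbols before fork */`. The function body continues past the end of the hunk.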
|  |  | |||
|  | @ -228,8 +228,12 @@ static textwindows dontinline noasan void *MapMemories(char *addr, size_t size, | |||
|  */ | ||||
| noasan void *mmap(void *addr, size_t size, int prot, int flags, int fd, | ||||
|                   int64_t off) { | ||||
|   STRACE("mmap(%p, %'zu, %s, %s, %d, %'ld) → ...", addr, size, | ||||
|          DescribeProtFlags(prot), DescribeMapFlags(flags), fd, off); | ||||
| #if defined(SYSDEBUG) && (_KERNTRACE || _NTTRACE) | ||||
|   if (IsWindows()) { | ||||
|     STRACE("mmap(%p, %'zu, %s, %s, %d, %'ld) → ...", addr, size, | ||||
|            DescribeProtFlags(prot), DescribeMapFlags(flags), fd, off); | ||||
|   } | ||||
| #endif | ||||
|   void *res; | ||||
|   char *p = addr; | ||||
|   struct DirectMap dm; | ||||
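Review bot: On non-Windows platforms a call to mmap() that never returns now leaves no trace line, because the entry STRACE is compiled only under `SYSDEBUG && (_KERNTRACE || _NTTRACE)` and run only when `IsWindows()`. That matters for the sandbox this commit adds: if a policy ends the process on a disallowed mmap, the `→ ...` entry line was the only record of the arguments in flight. The rest of the function is outside the hunk, so presumably the result is traced on return. If so, a short comment above the `#if` would make that explicit, e.g. `/* entry trace is Windows-only; elsewhere the call is logged once on return */`.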
|  |  | |||
|  | @ -39,6 +39,7 @@ extern uint8_t __zip_start[];                       /* αpε */ | |||
| extern uint8_t __zip_end[];                         /* αpε */ | ||||
| extern bool ftrace_enabled; | ||||
| extern size_t __virtualmax; | ||||
| extern bool __isworker; | ||||
| 
 | ||||
| void mcount(void); | ||||
| unsigned long getauxval(unsigned long); | ||||
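Review bot: `extern bool __isworker;` is added with no comment, although other code now branches on it (GetSymbolTable() in this commit tests it before lazy-loading symbols). It is a writable global exported from a runtime header and it gates behaviour around the sandbox, so I would document who sets it and when. Something like `/* true in forked worker processes; set once after fork */` would do. The setter is not visible on this page, so the wording should be adjusted to match it.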
|  |  | |||