fun with pledge()


Post by Kirill »

On OpenBSD, the pledge() system call forces the current process into a restricted-service operating mode.

I know newLISP can import functions from shared libraries, but I have never done so yet. So I thought I'd give it a try with pledge():

> (import "/usr/lib/libc.so.96.0" "pledge")
pledge@F99015DECD0
> (pledge "tty stdio" 0)
0
> (println "yay!")
yay!
"yay!"
> (! "ls -al")
Abort trap (core dumped)

In another window I see

newlisp[56936]: pledge "proc", syscall 66

That was fun! I will play more with this little tool.

Post by rickyboy »

Nice! 👍
(λx. x x) (λx. x x)

Post by Kirill »

I was thinking of creating something that would allow running untrusted newLISP code (think serverless, function-as-a-service, etc.) as a CGI, only allowing it to act on submitted post data, do calculations and spit out the result.

Now, with pledge() and newLISP running in a chroot already, the idea may some day come true.
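
A sketch of the CGI idea described in this thread, as an added example that is not part of the original posts or of newLISP itself: the script reads the POST body first, then narrows itself to the "stdio" promise before evaluating anything. The MAX-BODY limit, the choice of "stdio" alone (no "tty", since a CGI process has no terminal) and the plain-text response are assumptions of this example; the libc path is the one used in the first post and differs between OpenBSD releases.

```newlisp
#!/usr/bin/env newlisp
;; Added example (not from the thread): evaluate submitted newLISP code
;; only after the process has been restricted with pledge(). OpenBSD only.

;; libc path as used in the first post; the version suffix changes
;; between OpenBSD releases, so adjust it for the local system.
(import "/usr/lib/libc.so.96.0" "pledge")

;; Assumed upper bound on the request body for this sketch.
(constant 'MAX-BODY 65536)

;; Read the POST body from stdin while the process is still unrestricted.
;; CONTENT_LENGTH is the standard CGI variable; a missing value reads as 0.
(set 'len (int (env "CONTENT_LENGTH") 0))
(if (> len MAX-BODY) (set 'len MAX-BODY))
(set 'body "")
(if (> len 0) (read 0 body len))

;; Drop everything except basic I/O on already-open descriptors.
;; The second argument (execpromises) is NULL, as in the first post.
;; pledge() returns 0 on success and -1 on failure.
(if (!= 0 (pledge "stdio" 0))
    (begin
      (print "Status: 500 Internal Server Error\r\n")
      (print "Content-Type: text/plain\r\n\r\n")
      (println "could not enter restricted mode")
      (exit 1)))

;; From here on, submitted code that opens files, uses the network or
;; spawns a process (for example with !) is killed by the kernel, which
;; logs the missing promise the same way as the "proc" line shown above.
(print "Content-Type: text/plain\r\n\r\n")

;; Evaluate in MAIN; the third argument is returned if evaluation
;; raises a newLISP error instead of aborting the script.
(println (eval-string body MAIN "error: evaluation failed"))
(exit 0)
```

pledge() restricts which system calls the process may make, not how much CPU time or memory the submitted code uses, so those limits have to come from elsewhere (for example the web server or login class).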