MacPorts and sandboxing
Clemens Lang
cal at macports.org
Thu Sep 27 02:30:58 PDT 2012
Hi,
On Wed, Sep 26, 2012 at 10:34:22PM -1000, Jordan K. Hubbard wrote:
> Yeah, I get that. I'm looking to see if there's some way of making
> /usr/local more of an ENOENT than an EPERM sort of lookup.
while that would help, hiding directories is not enough. The same
problem breaks the currently implemented trace mode, because autoconf
reads the contents of $prefix/share/aclocal/ and tries to open every
file in there, aborting if the file doesn't exist of permission was
denied.
I've been working on overloading __getdirentries64 and setting the inode
of the files where access should be denied to 0. I'm not sure this would
satisfy the requirements of the sandboxing, though (attackers could
still find out the file exists/existed).
--
Clemens Lang
More information about the macports-dev
mailing list