FS#30541 - [openssh] enable --with-sandbox=seccomp_filter
Attached to Project: Arch Linux
Opened by c (c) - Wednesday, 04 July 2012, 16:55 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 01 August 2012, 07:52 GMT
Details
Description:
enable seccomp_filter sandboxing
Additional info:
build configure openssh --with-sandbox=seccomp_filter to make use of seccomp. seccomp is available in the default kernel package.
Steps to reproduce:
drawbacks might be...?
documentation about such option is...?
Cannot think of drawbacks as openssh is 6.0 and the kernel supports it.
It doesn't require patches to either.
http://scarybeastsecurity.blogspot.com/2012/04/vsftpd-300-and-seccomp-filter.html
http://hg.mindrot.org/openssh/rev/f40779d28db5
http://src.chromium.org/viewvc/chrome/trunk/src/content/common/sandbox_init_linux.cc?view=markup
Yup. Chromium has it because they wrote the userland implementation of what's being pushed into the kernel.
> Cannot think of drawbacks as openssh is 6.0 and the kernel supports it.
Except that it _hasn't_ landed in a mainline kernel yet. openssh doesn't even get past configure with this flag.
Drawback: you won't be able to use ssh with linux-lts even a month+ from now when 3.5 is in core?
3.5 should be around the corner. Can we tag the ticket for action linked to linux-3.5 packaging?
If it doesn't, a good option may be packaging openssh-seccomp because the security benefit is worth it.
http://marc.info/?l=openssh-unix-dev&m=134330495126295&w=2
linux-api-headers 3.5 is required for build, but according to the openssh maintainer, with that patch applied (part of next release) openssh will fall back to rlimit on older kernels. That means it's safe to configure with seccomp_filter.
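The fallback discussed in the last comment, as an added example that is not part of this thread and is not OpenSSH's code: a process probes at runtime whether the running kernel has seccomp filter mode and otherwise settles for rlimit containment. All function names are hypothetical, and the two limits chosen for the fallback are assumptions of this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <linux/seccomp.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

enum sandbox { SANDBOX_RLIMIT, SANDBOX_SECCOMP_FILTER };

/* Probe only, nothing is installed: with a NULL filter the kernel answers
 * EFAULT if filter mode exists and EINVAL if it does not. */
int probe_seccomp_errno(void) {
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0) == 0)
        return 0;
    return errno;
}

enum sandbox choose_sandbox(int probe_errno) {
    return probe_errno == EFAULT ? SANDBOX_SECCOMP_FILTER : SANDBOX_RLIMIT;
}

/* Fallback containment; the two limits are an assumption of this example. */
int apply_rlimit_sandbox(void) {
    struct rlimit zero = { 0, 0 };
    if (setrlimit(RLIMIT_FSIZE, &zero) == -1) return -1;
    return setrlimit(RLIMIT_NOFILE, &zero);
}

/* Apply the fallback in a child; 1 means a new open() was refused. */
int rlimit_fallback_blocks_open(void) {
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (apply_rlimit_sandbox() != 0) _exit(2);
        _exit(open("/dev/null", O_RDONLY) == -1 && errno == EMFILE ? 0 : 1);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void) {
    enum sandbox s = choose_sandbox(probe_seccomp_errno());
    printf("sandbox: %s\n", s == SANDBOX_SECCOMP_FILTER ? "seccomp_filter" : "rlimit");
    printf("rlimit fallback blocks open(): %d\n", rlimit_fallback_blocks_open());
    return 0;
}
```

Building this needs kernel headers that ship `<linux/seccomp.h>`, which is the same build-time dependency on linux-api-headers 3.5 the comment mentions; the choice of sandbox is then made on the kernel the binary actually runs on.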