https://www.blackhat.com/docs/us-16/materials/us-16-Weston-W... is a good reference for all the stuff that Desktop Linux in 2017 is, for the most part, missing
Or you can do nothing, in which case you're probably less secure.
As the slides may not tell the whole story (there should be a video soon), I covered this mostly also for LWN recently:
https://lwn.net/Articles/708196/
I work on several C programs. I wish for the day when we have an easy to use, cross platform method of setting up a small set of open files at the start of a program, then be able to say "No more file access, no more network connections".
I know this hides a whole bunch of complication, which is why it's hard and why there are so many ways to do it -- I view it the same way as the move to distinct virtual memory spaces for each process. Once we have it we'll wonder why we ever allowed every program free access to the whole file system for its entire life-span by default.
> say "No more file access, no more network connections".
Hopefully someone (and it won't be me :) ) will write a library which looks like pledge but wraps all the various things in different OSes (I hear words like seccomp on Linux)
But I shouldn't, they found bugs in software I use daily (ffmpeg for example), it would be relatively trivial to make me execute something with it, since my brain is trained to 'exes as threats' not mp3s.
Seccomp (bpf version) is only available since 2012 really, but I hope more apps will start picking it up. It's pretty simple; it should become a shameful thing not to use it in new apps.
https://threatpost.com/microsoft-waits-for-patch-tuesday-to-...
