Seccomp is capable of restricting capabilities by virtue of its system call control. The issue is largely ergonomic, and I'm not entirely sure how...
I wouldn't say it's becoming standard, I still don't know what other processes are using it. @summerheat Yeah, I suppose 'removed' is not the...
Just a note - things have continued to improve. The SUID sandbox is removed, and the broker itself is sandboxed. I'm not overly familiar with the...
I'll consider writing about it at some point, perhaps, if I review it and decide I really won't ever implement it. Haven't decided exactly what I...
Maybe, but consider the disaster that is userland namespaces in the Linux kernel. Moving the ability to create namespaces has been a consistent...
@elapsed Perhaps you're thinking of Sophos?
https://twitter.com/taviso/status/639992212164513792 Not exactly a shocker.
Your posts are always worth a laugh or two. Thanks for having consistently terrible opinions.
SMAP/SMEP protect the kernel, i.e. they make it harder to attack the kernel.
@Gullible Jones I am a big fan of Rust: rust-lang.org The issue is that no one is going to rewrite the Linux kernel in Rust.
The kernel is responsible for protecting itself.
It seems to be a language issue. "Bypass" to me makes it sound like there's work involved to bypass Sandboxie when you own the kernel. There is...
@Gullible Jones Ah, yes. I read your email by the way, just got swamped and didn't get to reply before it sank into the depths of my inbox....
The payload is not stuck. It's just in the sandbox. It can leave, it just doesn't because it doesn't know to - if it did, which it could, it could...
I don't often come on here, and I rarely read topics. So if you want my attention use the alert system @Hungry_Man or whatever - it's the easiest...
Appcontainer on the broker could be interesting but for renderer processes it would likely be useless, unless it provides anything over an...
Somewhat, yes. The differences are: 1) AppArmor doesn't interact at all with the application it sandboxes, so there's no increase in attack...
The filter driver will interrupt reads/writes to the file system. But the process will have full rein otherwise if it is not isolated via...
There is no emulation involved, it's a mini filter driver that sits on the filesystem. Emulation is used for hardware virtualization. File...
Virtualization is not an isolation mechanism, it's the opposite. It provides no protection on its own, it is only meant to enable a process to...
I'm confident that I am correct about that. I'm just trying to clarify. I consider this mostly brainstorming as well, I have no interest in...
I wouldn't say it's pure speculation. I'm certain that Sandboxie makes use of integrity levels, or at least v4 did when I last used it. The only...
Every aspect of Sandboxie's enforcement is, as far as I am aware, enforced solely by Windows integrity levels. So a sandboxed program starts off...
Yes, the futex vuln that summerheat is the one I was referring to - futex was a whitelisted system call. Seccomp is great, but there's tons of...
@Gullible Jones Well, I wouldn't quite say 'back'. Mostly I get to work really early and my caffeine doesn't kick in for a good 30 minutes....