D8532: [WIP] Restrict file extractor with Seccomp
Fabian Vogt
noreply at phabricator.kde.org
Thu Oct 4 16:16:24 BST 2018
fvogt added a comment.
AFAICT this won't actually protect much - the open DBus socket is enough to execute arbitrary programs.
The best design would be (IMO, not sure how well the current architecture fits) to have a fully sandboxed executable which can only communicate with baloo over a single socket.
Over that socket it receives a (read-only) file descriptor for the to-be-dissected file and then sends the result to baloo.
REPOSITORY
R293 Baloo
REVISION DETAIL
https://phabricator.kde.org/D8532
To: davidk, apol, ossi, #frameworks, smithjd, bruns
Cc: fvogt, mgallien, kde-frameworks-devel, michaelh, #baloo, detlefe, ngraham, nicolasfella, ashaposhnikov, astippich, spoorun, bruns, abrahams