Chuck Tuffli wrote:
On Fri, Oct 20, 2023 at 1:00 AM Thierry Carrez <thierry@openstack.org> wrote:
Hi Chuck,
I would not be surprised if oslo-rootwrap needed a few code changes to work correctly on FreeBSD... It's been designed with a bunch of Linux assumptions. I'm not familiar enough with FreeBSD signal/socket handling to help debug this one.
Note that oslo-rootwrap is being deprecated in favor of oslo-privsep (which may rely on even more Linux assumptions :/ )
Thanks for the feedback, Thierry.
I took a peek at the oslo-privsep specification and code. Any thoughts as to what it would look like for non-Linux operating systems? E.g., emulation of Linux CAPs, genericized capabilities, something else?
If privsep is the path forward, I'd be interested in contributing support to it for FreeBSD, but a shove in the right direction would be appreciated :)
I'm not sure which features in FreeBSD could be best leveraged to provide the same style of security layer as the capabilities-based approach that the Linux implementation follows... Maybe someone else on this list has an idea.
What's sure is that privsep is the future, and rootwrap is the past (that old design had several limitations and did not result in significantly increased security). So if you plan to spend some time on this, looking into porting privsep is probably the best use of your time.
Cheers,
-- Thierry