Project to port the pledge isolation mechanism to Linux

The author of the Cosmopolitan standard C library and the Redbean platform has announced an implementation of the pledge() isolation mechanism for Linux. Pledge was originally developed by the OpenBSD project and lets you selectively deny applications access to unused system calls (a kind of whitelist of system calls is built for the application, and all other calls are prohibited). Unlike the system call restriction mechanisms available in Linux, such as seccomp, the pledge mechanism was designed from the start to be as simple as possible.

The failed initiative to isolate applications in the OpenBSD base system using the systrace mechanism showed that isolation at the level of individual system calls was too complex and time-consuming. As an alternative, pledge was proposed, which made it possible to create isolation rules without going into details, by working with ready-made access classes. For example, the classes offered are stdio (input/output), rpath (read-only files), wpath (write files), cpath (create files), tmppath (work with temporary files), inet (network sockets), unix (unix sockets), dns (DNS resolution), getpw (read access to the user database), ioctl (ioctl call), proc (process management), exec (process launch) and id (access rights management).

Rules for working with system calls are specified in the form of annotations, which include a list of allowed system call classes and a list of file paths to which access is allowed. After the modified application is built and launched, the kernel takes over the job of monitoring compliance with the specified rules.

A separate implementation of pledge is being developed for FreeBSD, which is distinguished by the ability to isolate applications without making changes to their code, whereas in OpenBSD the pledge call is aimed at tight integration with the base system and at adding annotations to the code of each application.

The developers of the Linux pledge port followed FreeBSD's example and, instead of making changes to code, prepared an add-on utility, pledge.com, which lets you apply restrictions without changing the application's code. For example, to run the curl utility with access only to the stdio, rpath, inet and thread system call classes, just run "./pledge.com -p 'stdio rpath inet thread' curl http://example.com".

The pledge utility works on all Linux distributions starting with RHEL6 and does not require root access. In addition, based on the cosmopolitan library, an API is provided for managing restrictions in the code of C programs, which allows, among other things, creating enclaves that selectively restrict access for particular functions of the application.

The implementation does not require changes to the kernel: pledge restrictions are translated into SECCOMP BPF rules and processed using the native Linux system call isolation mechanism. For example, the call pledge("stdio rpath", 0) will be converted into a BPF filter of the form

    #include <stddef.h>
    #include <linux/filter.h>   /* struct sock_filter, BPF_STMT, BPF_JUMP */
    #include <linux/seccomp.h>  /* struct seccomp_data, SECCOMP_RET_ALLOW */

    /* OFF is not defined on the page; an offset into struct seccomp_data is assumed. */
    #define OFF(f) offsetof(struct seccomp_data, f)

    /* `syscall` stands for the number of the system call being filtered.
       Jump offsets are written as (target label - label of the next instruction). */
    const struct sock_filter kFilter[] = {
        /* L0*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, syscall, 0, 14 - 1),
        /* L1*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[0])),
        /* L2*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 2, 4 - 3, 0),
        /* L3*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 10, 0, 13 - 4),
        /* L4*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[1])),
        /* L5*/ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, ~0x80800),
        /* L6*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 1, 8 - 7, 0),
        /* L7*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 2, 0, 13 - 8),
        /* L8*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[2])),
        /* L9*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, 12 - 10, 0),
        /*L10*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 6, 12 - 11, 0),
        /*L11*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 17, 0, 13 - 11),
        /*L12*/ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
        /*L13*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(nr)),
        /*L14*/ /* next filter */
    };
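An added example, not code from the page or from the Cosmopolitan project: a userspace walk of the filter shown above, useful for checking which argument combinations reach SECCOMP_RET_ALLOW before a filter like this is installed. `SYSCALL_NR`, `filter_allows` and the inputs are constructed. Reading the compared constants as socket() arguments (2/10 as AF_INET/AF_INET6, 1/2 as SOCK_STREAM/SOCK_DGRAM once SOCK_CLOEXEC|SOCK_NONBLOCK are masked off, 0/6/17 as default/TCP/UDP) is an assumption the page does not state.

```c
#include <linux/filter.h>  /* struct sock_filter, BPF_* macros */
#include <linux/seccomp.h> /* struct seccomp_data, SECCOMP_RET_ALLOW */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define OFF(f) offsetof(struct seccomp_data, f)
#define SYSCALL_NR 41u /* constructed stand-in for the page's `syscall` */

static const struct sock_filter kFilter[] = {
    /* L0*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYSCALL_NR, 0, 14 - 1),
    /* L1*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[0])),
    /* L2*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 2, 4 - 3, 0),
    /* L3*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 10, 0, 13 - 4),
    /* L4*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[1])),
    /* L5*/ BPF_STMT(BPF_ALU | BPF_AND | BPF_K, ~0x80800u),
    /* L6*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 1, 8 - 7, 0),
    /* L7*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 2, 0, 13 - 8),
    /* L8*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[2])),
    /* L9*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, 12 - 10, 0),
    /*L10*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 6, 12 - 11, 0),
    /*L11*/ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 17, 0, 13 - 11),
    /*L12*/ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    /*L13*/ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(nr)),
}; /* L14: next filter */

/* Walks kFilter: 1 if it reaches SECCOMP_RET_ALLOW, 0 if control leaves the
   block for L14. Assumes a little-endian host and that A holds nr on entry. */
int filter_allows(unsigned nr, unsigned a0, unsigned a1, unsigned a2) {
    struct seccomp_data d = {.nr = (int)nr, .args = {a0, a1, a2}};
    unsigned A = nr; /* accumulator; L13 reloading nr implies this entry state */
    for (size_t pc = 0; pc < sizeof kFilter / sizeof kFilter[0]; pc++) {
        const struct sock_filter *f = &kFilter[pc];
        switch (f->code) {
        case BPF_LD | BPF_W | BPF_ABS:  memcpy(&A, (const char *)&d + f->k, 4); break;
        case BPF_ALU | BPF_AND | BPF_K: A &= f->k; break;
        case BPF_JMP | BPF_JEQ | BPF_K: pc += (A == f->k) ? f->jt : f->jf; break;
        case BPF_RET | BPF_K:           return f->k == SECCOMP_RET_ALLOW;
        default:                        return 0; /* opcode this filter never uses */
        }
    }
    return 0; /* fell through to the next filter */
}

int main(void) { /* constructed inputs: stream socket, then raw socket */
    printf("%d %d\n", filter_allows(SYSCALL_NR, 2, 1, 0), filter_allows(SYSCALL_NR, 2, 3, 0));
    return 0;
}
```

The walk shows that the filter decides on argument values as well as on the call number, so a filter of this kind needs test inputs for each argument position, not only for the syscall itself.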

Source: opennet.ru