#ffi #openbsd #privsep #security

sys priv_sep

FFI for pledge(2) and unveil(2) on OpenBSD

9 releases (5 breaking)

0.6.1 Sep 17, 2023
0.6.0 Sep 17, 2023
0.5.1 Sep 14, 2023
0.4.1 Aug 28, 2023
0.1.0 Jul 25, 2023

#205 in Operating systems


169 downloads per month
Used in calc_rational

MIT/Apache

24KB
346 lines

priv_sep

priv_sep is a library for privilege separation. It is currently designed around pledge(2) and unveil(2) on OpenBSD-stable (deliberately -stable, not -current), but may in the future add functionality for Linux's seccomp(2).

Pledge

pledge(2) takes two arguments, promises and execpromises. The execpromises parameter is very rarely used, so this crate's pledge takes only Promises; at the system-call level, a NULL execpromises leaves the exec promise set untouched.

Unveil

pledge(2) accepts an arbitrarily long promises string, duplicates included, whereas the unveil(2) permissions string is built from at most the four characters r, w, x and c. For this reason there are dedicated functions for each number of Permissions, one through four.

Errors

Any error returned from the underlying system call is propagated via Error. Both pledge(2) and unveil(2) ignore duplicates, so passing duplicate values to the corresponding functions in this crate is not an error.
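Putting the Pledge, Unveil and Errors sections together, the following is an added example, my own illustrative code rather than priv_sep's API: the `Promise`, `Permission`, `pledge`, `unveil` and `unveil_lock` names and the chosen promise subset are assumptions. It shows how a pledge(2)/unveil(2) FFI wrapper in Rust builds the promises string with duplicates removed, keeps the unveil permissions string to at most r, w, x, c, passes NULL for execpromises, and turns a -1 return into an `io::Error` carrying errno. It declares the libc symbols directly instead of depending on the libc crate, and off OpenBSD it substitutes stubs that always fail so the string builders can be exercised on any host.

```rust
use std::{ffi::CString, io, ptr};

/// Subset of pledge(2) promises; an illustrative enum, not priv_sep's own `Promise`.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Promise { Stdio, Rpath, Inet, Unveil }

impl Promise {
    fn as_str(self) -> &'static str {
        match self {
            Promise::Stdio => "stdio",
            Promise::Rpath => "rpath",
            Promise::Inet => "inet",
            Promise::Unveil => "unveil",
        }
    }
}

/// Space-separated promises string; duplicates are dropped (the kernel would ignore them anyway).
pub fn promises_string(promises: &[Promise]) -> String {
    let mut v = promises.to_vec();
    v.sort();
    v.dedup();
    v.iter().map(|p| p.as_str()).collect::<Vec<_>>().join(" ")
}

/// unveil(2) permissions: the string is built from at most the four characters r, w, x, c.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Permission { Read, Write, Exec, Create }

impl Permission {
    fn as_char(self) -> char {
        match self {
            Permission::Read => 'r',
            Permission::Write => 'w',
            Permission::Exec => 'x',
            Permission::Create => 'c',
        }
    }
}

/// Deduplicated permissions string, e.g. [Write, Read, Read] -> "rw".
pub fn permissions_string(perms: &[Permission]) -> String {
    let mut v = perms.to_vec();
    v.sort();
    v.dedup();
    v.iter().map(|p| p.as_char()).collect()
}

/// Raw libc bindings, present only on OpenBSD.
#[cfg(target_os = "openbsd")]
mod sys {
    use std::os::raw::{c_char, c_int};
    extern "C" {
        pub fn pledge(promises: *const c_char, execpromises: *const c_char) -> c_int;
        pub fn unveil(path: *const c_char, permissions: *const c_char) -> c_int;
    }
}

/// Always-failing stubs so the string builders can still be exercised on other hosts.
#[cfg(not(target_os = "openbsd"))]
mod sys {
    use std::os::raw::{c_char, c_int};
    pub unsafe fn pledge(_: *const c_char, _: *const c_char) -> c_int { -1 }
    pub unsafe fn unveil(_: *const c_char, _: *const c_char) -> c_int { -1 }
}

/// Map the 0 / -1-plus-errno convention onto io::Result.
fn check(rc: i32) -> io::Result<()> {
    match (rc, cfg!(target_os = "openbsd")) {
        (0, _) => Ok(()),
        (_, true) => Err(io::Error::last_os_error()),
        (_, false) => Err(io::Error::new(io::ErrorKind::Unsupported, "OpenBSD only")),
    }
}

/// pledge(2) with promises only; execpromises is NULL, which leaves the exec set untouched.
pub fn pledge(promises: &[Promise]) -> io::Result<()> {
    let s = CString::new(promises_string(promises))?;
    check(unsafe { sys::pledge(s.as_ptr(), ptr::null()) })
}

pub fn unveil(path: &str, perms: &[Permission]) -> io::Result<()> {
    let p = CString::new(path)?;
    let s = CString::new(permissions_string(perms))?;
    check(unsafe { sys::unveil(p.as_ptr(), s.as_ptr()) })
}

/// unveil(NULL, NULL): lock the list so no later unveil(2) call can widen it.
pub fn unveil_lock() -> io::Result<()> {
    check(unsafe { sys::unveil(ptr::null(), ptr::null()) })
}

fn main() {
    // Usual order: unveil what is needed, lock the list, then pledge down. The path is hypothetical.
    println!("{:?}", unveil("/etc/resolv.conf", &[Permission::Read]));
    println!("{:?}", unveil_lock());
    println!("{:?}", pledge(&[Promise::Stdio, Promise::Rpath, Promise::Inet]));
}
```

On OpenBSD the usual order is to unveil every path the process needs, call `unveil_lock` so nothing later can widen the list, and only then pledge; if further unveil(2) calls must follow the pledge, the "unveil" promise has to be in the pledge set. Off OpenBSD every call returns `ErrorKind::Unsupported`, which is the stub's doing, not errno.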

Status

This package will be actively maintained to stay in sync with the latest version of OpenBSD-stable; as a result, the crate is only tested on the x86_64-unknown-openbsd target. Although OpenBSD supports both the most recent -release/-stable version and the previous one, this library supports only the most recent. Consequently, any removal of a promise in a subsequent release of pledge(2) will be a breaking change in this library, since the corresponding Promise variant will be removed.

Building and testing

laptop$ git clone https://git.philomathiclife.com/repos/priv_sep
Cloning into 'priv_sep'...
laptop$ cd priv_sep/
laptop$ cargo build --release
    Updating crates.io index
   Compiling semver v1.0.18
   Compiling libc v0.2.148
   Compiling rustc_version v0.4.0
   Compiling priv_sep v0.6.0 (/home/zack/priv_sep)
    Finished release [optimized] target(s) in 1.90s
laptop$ touch /home/zack/foo.txt && cargo t && rm /home/zack/foo.txt
   Compiling semver v1.0.18
   Compiling libc v0.2.148
   Compiling rustc_version v0.4.0
   Compiling priv_sep v0.6.0 (/home/zack/priv_sep)
    Finished test [unoptimized + debuginfo] target(s) in 1.43s
     Running unittests src/lib.rs (target/debug/deps/priv_sep-dcb151b099a76f20)

running 1 test
test tests::test ... ok

test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

   Doc-tests priv_sep

running 0 tests

test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

Dependencies

~19KB