#1 Integrate filesystem extended attribute support

Open · opened 1 month ago by shawn.webb · 2 comments

Since HardenedBSD uses filesystem extended attributes to toggle exploit mitigations on a per-application basis, teach pkg how to work with filesystem extended attributes.

Multiple solutions can solve this problem. The tar file format, which pkg uses, supports filesystem extended attributes. If libarchive has that same support, pkg could probably tell libarchive to include filesystem extended attributes in the build artifact (.txz).

Another method would be to include metadata in the package’s +MANIFEST file that would instruct pkg to set filesystem extended attributes post-extraction.

Ideally, I would prefer the first solution (libarchive integration) as that seems the most straightforward. The second option is acceptable iff the first solution doesn’t pan out.

shawn.webb added the enhancement label 1 month ago
shawn.webb added the help wanted label 1 month ago
shawn.webb (Owner) commented 1 month ago

libarchive only supports the user namespace, not system. Our current implementation in HardenedBSD base uses the system namespace. The second method (integrating with the +MANIFEST file) might be a more practical approach, at least for a PoC implementation.

HardenedBSD could gain support for toggling based on the user namespace, given proper permissions. However, that is outside the scope of this issue. Perhaps if the user namespace is supported in the future, we could revisit its integration here.

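Added example (editor's illustration, not code from the issue, from pkg or from HardenedBSD) of the second approach described in the issue body and picked as the more practical PoC route in the comment above: +MANIFEST metadata that tells pkg which filesystem extended attributes to set after extraction, in the system namespace the HardenedBSD implementation relies on. Everything specific here is assumed: the "xattrs" key and its layout are hypothetical, "hbsd.example" is a placeholder attribute name rather than the one HardenedBSD uses, +MANIFEST is read as JSON (UCL accepts JSON syntax) to keep the example dependency-free, and attributes are applied with FreeBSD's setextattr(8), which wraps extattr_set_file(2). A dry-run mode returns the commands instead of running them so the example runs on any platform.

```python
"""Added example for this issue, not pkg's or HardenedBSD's own code.

Assumptions (none of these come from the issue):
  * a hypothetical "xattrs" key in +MANIFEST, keyed by installed path, each
    value a {namespace: {attrname: value}} mapping; +MANIFEST is UCL, which
    accepts JSON syntax, so json is used here;
  * "hbsd.example" is a placeholder attribute name, not the real one;
  * attributes are applied with FreeBSD's setextattr(8); dry_run=True
    returns the argv lists instead of executing them.
"""
import json
import os
import shutil
import subprocess
from typing import List, NamedTuple

EXTATTR_NAMESPACES = ("system", "user")   # the two FreeBSD extattr namespaces


class XattrOp(NamedTuple):
    path: str        # absolute path of the installed file
    namespace: str   # "system" or "user"
    name: str
    value: str


def plan_xattrs(manifest_text: str, prefix: str = "/") -> List[XattrOp]:
    """Parse +MANIFEST text and return the attributes to set, in order.

    The whole manifest is validated before anything is returned, so an
    unknown namespace or a path that escapes the install prefix fails
    before any file would be touched.
    """
    manifest = json.loads(manifest_text)
    root = os.path.abspath(prefix)
    ops: List[XattrOp] = []
    for rel_path, by_ns in manifest.get("xattrs", {}).items():
        # Join onto the prefix and refuse paths that climb out of it via "..".
        full = os.path.normpath(os.path.join(root, rel_path.lstrip("/")))
        if os.path.commonpath([root, full]) != root:
            raise ValueError(f"path escapes install prefix: {rel_path!r}")
        for ns, attrs in by_ns.items():
            if ns not in EXTATTR_NAMESPACES:
                raise ValueError(f"unknown extattr namespace {ns!r} for {rel_path!r}")
            for name, value in attrs.items():
                ops.append(XattrOp(full, ns, name, str(value)))
    return ops


def apply_xattrs(ops: List[XattrOp], dry_run: bool = False) -> List[List[str]]:
    """Set each attribute with setextattr(8) and return the commands used.

    System-namespace attributes need root, which pkg has while installing.
    This must run after extraction, since the target files have to exist.
    """
    cmds = [["setextattr", op.namespace, op.name, op.value, op.path] for op in ops]
    if dry_run:
        return cmds
    if shutil.which("setextattr") is None:
        raise RuntimeError("setextattr(8) not found; this step is FreeBSD-specific")
    for cmd in cmds:
        subprocess.run(cmd, check=True)   # abort the install on the first failure
    return cmds


# Constructed sample manifest (not a real package); "hbsd.example" is a placeholder.
SAMPLE_MANIFEST = """{
  "name": "example-app",
  "version": "1.0",
  "xattrs": {
    "/usr/local/bin/example-app": {
      "system": {"hbsd.example": "1"}
    }
  }
}"""


if __name__ == "__main__":
    for cmd in apply_xattrs(plan_xattrs(SAMPLE_MANIFEST), dry_run=True):
        print(" ".join(cmd))
```

When pkg installs into an alternate root (its -r option), that root is what the prefix argument stands for; the prefix check exists so a manifest cannot point the attribute-setting step at a file outside the tree being installed.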
shawn.webb (Owner) commented 1 month ago