public inbox for linux-kernel@vger.kernel.org
From: "Mickaël Salaün" <mic@digikod.net>
To: Matthieu Buffet <matthieu@buffet.re>
Cc: "Günther Noack" <gnoack@google.com>,
	"Konstantin Meskhidze" <konstantin.meskhidze@huawei.com>,
	"Ivanov Mikhail" <ivanov.mikhail1@huawei-partners.com>,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	"Tahera Fahimi" <fahimitahera@gmail.com>
Subject: Re: [PATCH v3 3/3] samples/landlock: Clarify option parsing behaviour
Date: Tue, 22 Oct 2024 20:50:03 +0200
Message-ID: <20241022.Oov8ohRe4shu@digikod.net>
In-Reply-To: <20241019151534.1400605-4-matthieu@buffet.re>

On Sat, Oct 19, 2024 at 05:15:34PM +0200, Matthieu Buffet wrote:
> Clarify the distinction between filesystem variables (mandatory)
> and all others (optional).
> For optional variables, explain the difference between unset variables
> (no access check performed) and empty variables (nothing allowed for
> lists of allowed paths/ports, or no effect for lists of scopes).
> List LL_SCOPED values understood and their effect.
> 
> Signed-off-by: Matthieu Buffet <matthieu@buffet.re>
> ---
>  samples/landlock/sandboxer.c | 29 +++++++++++++++--------------
>  1 file changed, 15 insertions(+), 14 deletions(-)
> 
> diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c
> index 38fc6ebd7222..96b451cf0531 100644
> --- a/samples/landlock/sandboxer.c
> +++ b/samples/landlock/sandboxer.c
> @@ -296,23 +296,24 @@ static bool check_ruleset_scope(const char *const env_var,
>  /* clang-format off */
>  
>  static const char help[] =
> -	"usage: "
> -	ENV_FS_RO_NAME "=\"...\" "
> -	ENV_FS_RW_NAME "=\"...\" "
> -	ENV_TCP_BIND_NAME "=\"...\" "
> -	ENV_TCP_CONNECT_NAME "=\"...\" "
> -	ENV_SCOPED_NAME "=\"...\" %1$s <cmd> [args]...\n"
> +	"usage: " ENV_FS_RO_NAME "=\"...\" " ENV_FS_RW_NAME "=\"...\" "
> +	"[other environment variables] %1$s <cmd> [args]...\n"
>  	"\n"
> -	"Execute a command in a restricted environment.\n"
> +	"Execute the given command in a restricted environment.\n"
> +	"Multi-valued settings (lists of ports, paths, scopes) are colon-delimited.\n"
>  	"\n"
> -	"Environment variables containing paths and ports each separated by a colon:\n"
> -	"* " ENV_FS_RO_NAME ": list of paths allowed to be used in a read-only way\n"
> -	"* " ENV_FS_RW_NAME ": list of paths allowed to be used in a read-write way\n"
> +	"Mandatory settings:\n"
> +	"* " ENV_FS_RO_NAME ": paths allowed to be used in a read-only way\n"
> +	"* " ENV_FS_RW_NAME ": paths allowed to be used in a read-write way\n"
>  	"\n"
> -	"Environment variables containing ports are optional and could be skipped.\n"
> -	"* " ENV_TCP_BIND_NAME ": list of ports allowed to bind (server)\n"
> -	"* " ENV_TCP_CONNECT_NAME ": list of ports allowed to connect (client)\n"
> -	"* " ENV_SCOPED_NAME ": list of scoped IPCs\n"
> +	"Optional settings (when not set, their associated access check "
> +	"is always allowed, which is different from an empty string which "
> +	"means an empty list)\n"

I would just add ":" at the end of the line.  No need to send another
patch for that.

> +	"* " ENV_TCP_BIND_NAME ": ports allowed to bind (server)\n"
> +	"* " ENV_TCP_CONNECT_NAME ": ports allowed to connect (client)\n"
> +	"* " ENV_SCOPED_NAME ": actions denied on the outside of the landlock domain\n"
> +	"  - \"a\" to restrict opening abstract unix sockets\n"
> +	"  - \"s\" to restrict sending signals\n"
>  	"\n"
>  	"Example:\n"
>  	ENV_FS_RO_NAME "=\"${PATH}:/lib:/usr:/proc:/etc:/dev/urandom\" "
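
Review bot: The "Optional settings" sentence says an empty string "means
an empty list", but an empty list does not have the same effect for every
variable listed under it. For ENV_TCP_BIND_NAME and ENV_TCP_CONNECT_NAME
the list holds what is allowed, so an empty list allows nothing; for
ENV_SCOPED_NAME the list holds "actions denied", so an empty list denies
nothing. The commit message spells this out ("no effect for lists of
scopes") but the help text does not, and a user reading only the help
output could take an empty ENV_SCOPED_NAME to be the most restrictive
setting. Consider stating the empty-value behaviour on the ENV_SCOPED_NAME
entry itself. As a style point, the three concatenated literals of that
sentence carry a single "\n" at the very end, so the help prints it as one
long line; splitting it would keep the output readable on narrow terminals.
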
> -- 
> 2.39.5
> 
> 
