wiki:FutureHaiku/Security

Version 10 (modified by mmu_man, 6 years ago) ( diff )

--

Already done

  • W^X for the kernel
  • SMEP/SMAP
  • ASLR & KASLR
  • NX bit

Low-Hanging Fruit

  • Audit filesystem privilege checks
  • Audit permissions of all folders in the default install
  • Audit all syscalls & ioctls (_control) for privilege checks.
    • _area functions probably need a lot of thinking here
  • Run the userland as a non-privileged user
  • Fuzz all in-tree parsers
    • driver settings format
    • message
    • rdef

Moderate

  • Don't allow opening files by inode (requires ABI break)
    • maybe recursively checking permissions by recreating the path would do? (we don't support hardlinks on BFS anyway)
  • devfs filemodes
  • Spectre mitigations via GCC flags

Advanced

Far Out

  • Capability-based permissions (Android-style, disableable & re-enableable), probably added to package flags
Note: See TracWiki for help on using the wiki.