According to https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf pledge tur... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		_flux 10 months ago \| parent \| context \| favorite \| on: Tj-actions/changed-files GitHub Action Compromised... According to https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf pledge turns off upon execve. Surely it would be quite limiting for runners to use it. As far as I see its purpose is mostly a mitigation/self-defence for vulnerabilities in C-based apps, so basically limiting what happens once the attacker has exploited a vulnerability. Maybe it has other uses. It could be used defending against bugs in the Node runtime itself, as you say, but as I understand vulnerabilities in the Node runtime itself are quite rare, so more fine-grained limitations could be implemented within itself.

ratmice 10 months ago [–]

I'm not much of an openbsd user, but I have been meaning to understand if this is the hole execpromises is intended to fill.

At the very least, I think execpromises was added a year after the documentation that you linked, so it's worth looking into.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact