From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id BE0CA1D5C0; Fri, 05 Dec 2025 16:01:56 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id 745271D5B7; Fri, 05 Dec 2025 16:01:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_PASS,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=4.0.1 Received: from mail-yw1-x112f.google.com (mail-yw1-x112f.google.com [IPv6:2607:f8b0:4864:20::112f]) by atuin.qyliss.net (Postfix) with ESMTPS id 7A8EC1D5B5 for ; Fri, 05 Dec 2025 16:01:53 +0000 (UTC) Received: by mail-yw1-x112f.google.com with SMTP id 00721157ae682-78ac9f30833so19543087b3.0 for ; Fri, 05 Dec 2025 08:01:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1764950511; x=1765555311; darn=spectrum-os.org; h=cc:to:message-id:content-transfer-encoding:mime-version:subject :date:from:from:to:cc:subject:date:message-id:reply-to; bh=jLck93tX0m/zF8zJwFwFUmkZpHsRktLWKS3PNxeX230=; b=CUgVHf6zy/AAGuaU4Qb40tbL+RWu2jpz8L5hpp9Fu2WSZE0SNInuUqiw33cI05WBPq wo9vacZQbCCPg0JlhWfS0GZqwKYsnCyKwvb0iEuFzviJYaI3uxD9oI0svwc3pie3DHAM KVckUrmIlhEAtG2VVKIFooU58OAcSyjUHits5w16n+bFHHxqMb1Mc9hsNnRH4qzjkpeK fSywlxOj5DzBH3UVfzEj3CAjBayrTO/MVXNsk4iIIvv84IPYUPz1FNisxbS4n5hgBy8/ QiY0GYaP7PP9D6FYLJVtUzoY3nLv5gz+vKd+DV1dWGUeDG2YmfOj7/tYgFlCDKnKZEG5 XR4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764950511; x=1765555311; h=cc:to:message-id:content-transfer-encoding:mime-version:subject :date:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=jLck93tX0m/zF8zJwFwFUmkZpHsRktLWKS3PNxeX230=; b=LdemyG2MsvgS3WC50obHhnTchEvOFJ+yM6+69LUvQLReU5mMB25mM3b6I7u45pSnX6 2eyB/9uT8vevHv486ui+hfv1ub+lKgvIy6icdKEqi2AESicxJ5CrM45yDbmU4wIkP3db klc351XqZSOmvJKIr79soywBRTMy79K+QFgYI+8FiLbdGwk1ga9U8QA5uZ2lOHvro6nd RKv3ECky/mteCHPXUOWpm23nPJn2e9IGMt/b2zbkTJQxQiE0yUhjA2rJzOSgBP5w5dN2 3gk2C3S+0AGy/CmfRfgpuyCxIHuqTZ4Vi3FKkM6vnmzQKiBKn8IGBMZXuJVAWVDkob1Z 8s2A== X-Gm-Message-State: AOJu0YzEsf+NV1exe2i8SIE0hQgoydFsbKkNHh2DwP34utiZZcR7AuvC vonsO1fIIRPUaoqd/m9xMCTWhiS90x0kAPyUf3jKmmvcC+z8g1ftGxey1wGnjQ== X-Gm-Gg: ASbGncscEI0il3EXoVcrxS6R4Lu/gDvmmmKP8ZtHPHqDYdtUGIWF5PmKOHVLmMIC4es PsTPPiTUvlGJUiXubm2fVoUibxaiuJVMMMV+MvrYR/gr8HdL1wMwnro5RQE6zvdVJAI8ZDJcLQ9 vti3iXHYYas+cvGZD3mVEW3hhC1rtFEy2YmCSvIDkurqP/zaOTi3CM8kJM/aNzBL2jVzuAPJ9bT GR/Zy+M9mtLljSyFxV3ykIGBbfNQrMAKvawiMrIpPWg0WPxLWTPJ9WxD6FdLvuj1UmFOUsgTn/i Cj9u880tredTobjfUnn7c6GobwoteerB09vPGpkBVI6gR1H6mEfoppm3dt0im4Ap6Ysb4n4JzKQ L7Z43bBXh4EHIC7ZWm36/vunx9JjVIYqPSinbYerHbby3P+rKnetXiwj8cpQTxFAlzp/Jl/JZ6I ao1gmNdOX45HNETyDDAJOwhsqcCq8RUb4AFYhfrUd9WAiUwy9fZ53D0okIXRCm+lcq5iH/FfmrP 4BNe9YFKL+ykcgCCenizOhKpq3j9N6B7Ig= X-Google-Smtp-Source: AGHT+IH4b9IUkLTD9dsQpeCzFiT9ctJQOyjGHef//t5DO0z8qxNGQFffQDsqXl6KU3oBiNZVLMbdkA== X-Received: by 2002:a05:690c:3811:b0:788:e74:b277 with SMTP id 00721157ae682-78c0c18c3e5mr85053617b3.63.1764950510712; Fri, 05 Dec 2025 08:01:50 -0800 (PST) Received: from localhost.localdomain (h96-60-249-169.cncrtn.broadband.dynamic.tds.net. [96.60.249.169]) by smtp.gmail.com with UTF8SMTPSA id 00721157ae682-78c1b7a6559sm17953197b3.51.2025.12.05.08.01.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 05 Dec 2025 08:01:50 -0800 (PST) From: Demi Marie Obenour Date: Fri, 05 Dec 2025 11:01:30 -0500 Subject: [PATCH] host/rootfs: Set no_new_privs in PID 1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20251205-no-new-privs-v1-1-56cbdf7de44f@gmail.com> X-B4-Tracking: v=1; b=H4sIANkBM2kC/x3MPQqAMAxA4auUzAZixB+8ijiIppqlSgpVkN7d4 vgN770QxVQijO4Fk6RRz1BQVw7WYwm7oG7FwMRtzdRiODHIjZdpisiemYZhpb7poCSXidfn301 zzh8bQz7FXgAAAA== X-Change-ID: 20251205-no-new-privs-2f22088c0736 To: Spectrum OS Development X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1764950489; l=1000; i=demiobenour@gmail.com; s=20250729; h=from:subject:message-id; bh=Sn3SNgd0gD0s/yTu5QHqlvW47UwIbb7P1E/orUNNziY=; b=xk6qf5ECBCkXTS1YIvDP8d3TSuaEDgxe+6dF2JQxPwOQieqjxJQiEHNVlVDBaaMIzDVdumjM8 DxRYD4/E0lsDz67aF4TYq6LVoVRwm/35KL8GB8nEtkJWk/pUDC9BJoT X-Developer-Key: i=demiobenour@gmail.com; a=ed25519; pk=X57Q4/YQDj9t4SBeKaDwvXYKB6quZJVx/DE2Ly2out0= Message-ID-Hash: 5YUPHM3VEXEIFOEWJTYWSUG32A2EM5PE X-Message-ID-Hash: 5YUPHM3VEXEIFOEWJTYWSUG32A2EM5PE X-MailFrom: demiobenour@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Alyssa Ross , Demi Marie Obenour X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: This prevents any program on the host from gaining privileges via execve(), ever. There are currently no such programs on the host so this should be a no-op for now. Signed-off-by: Demi Marie Obenour --- host/rootfs/image/etc/init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/host/rootfs/image/etc/init b/host/rootfs/image/etc/init index 4085fa55545e7309004967e443e47fc2b82b0663..e9938acec866045962a8ead096d199cbd3792469 100755 --- a/host/rootfs/image/etc/init +++ b/host/rootfs/image/etc/init @@ -2,4 +2,4 @@ # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2022 Alyssa Ross -/bin/s6-linux-init -c /etc/s6-linux-init -s /run/param -- $@ +/usr/bin/setpriv --no-new-privs -- /bin/s6-linux-init -c /etc/s6-linux-init -s /run/param -- $@ --- base-commit: 92e219e7c08c479d216a46d2736ea9d229ff034d change-id: 20251205-no-new-privs-2f22088c0736 -- Sincerely, Demi Marie Obenour (she/her/hers)