From: Alyssa Ross
To: Yureka
CC: devel@spectrum-os.org, Demi Marie Obenour
Subject: Re: [PATCH v3 2/5] host/rootfs: Sandbox router
Date: Wed, 03 Dec 2025 17:11:33 +0100
Message-ID: <87pl8v7dfu.fsf@alyssa.is>
In-Reply-To: <2f693f5b-00b4-47f1-ab08-3488f8076351@yuka.dev>
References: <20251203-sandbox-v3-0-f16ae06a251e@gmail.com> <20251203-sandbox-v3-2-f16ae06a251e@gmail.com> <2f693f5b-00b4-47f1-ab08-3488f8076351@yuka.dev>

Yureka writes:

> On 12/3/25 16:54, Demi Marie Obenour wrote:
>> This needs very little access to the system.
>>
>> Signed-off-by: Demi Marie Obenour
>> --- >> .../template/data/service/spectrum-router/run | 19 +++++++++++= +++++--- >> 1 file changed, 16 insertions(+), 3 deletions(-) 
>> >> diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-se= rvices/template/data/service/spectrum-ro= uter/run b/host/rootfs/image/etc/s6= -linux-init/run-image/service/vm-services/template/data/service/spectrum-ro= uter/run >> index 7b3e3db3b109ba1c8d195c7c47d50d0cfbc30bd5..ef68cd638c092b53cc714a5d= 65bbfa3b49585346 100755 >> --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/= template/data/service/spectrum-router/run >> +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/= template/data/service/spectrum-router/run >> @@ -4,6 +4,19 @@ >>=20=20=20 >> importas -i VM VM >>=20=20=20 >> -export RUST_LOG spectrum-router=3Ddebug,info >> -spectrum-router --app-listen-path ${VM}/router-app.sock --driver-listen= -path ${VM}/router-driver.sock >> - >> +bwrap >> + --unshare-all >> + --unshare-user >> + --dev-bind / / >> + --setenv RUST_LOG spectrum-router=3Ddebug,info >> + --tmpfs /tmp >> + --dev /dev >> + --tmpfs /dev/shm >> + --ro-bind /nix /nix >> + --ro-bind /etc /etc >> + --tmpfs /run
> This won't work. The router sets up unix sockets in /run which are
> accessed by the vmm.
>> + --ro-bind /usr /usr >> + --ro-bind /lib /lib >> + --bind $VM $VM

Doesn't this line cover the sockets, or are there more outside of this directory?

>> + -- >> + spectrum-router --app-listen-path ${VM}/router-app.sock --driver-list= en-path ${VM}/router-driver.sock
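
Review bot: `--dev-bind / /` at the top of the bwrap argument list makes the whole host filesystem, device nodes included, visible inside the sandbox, which undercuts the commit message's point that the router needs very little access. The later `--ro-bind /nix /nix`, `--ro-bind /etc /etc`, `--ro-bind /usr /usr` and `--ro-bind /lib /lib` only remount those four trees read-only on top of it, and every other host path stays visible as before. Consider dropping `--dev-bind / /` so the sandbox starts from an empty root and only the listed binds plus `--bind $VM $VM` are exposed. On the `--tmpfs /run` question raised in the thread: bwrap applies mounts in argument order, so whether the sockets stay reachable from outside depends on `--bind $VM $VM` coming after `--tmpfs /run` and on where `$VM` lives. A comment in the run script stating that would make this reviewable from the diff alone.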