libtls: a step towards privsep by default
> From: "Theo de Raadt" <deraadt@openbsd.org>
> Date: Sat, 13 Apr 2024 10:32:56 -0600
>
> If I understand this proposal, it is that libtls would eventually
> start to call fork.
>
> I think it is not a good idea to have libraries that call fork
> themselves. It is something that a program should be responsible
> for, not a library. Programs handle process hierarchies and the
> consequences of having children, and this should not be a surprising
> feature of using a library.

100% agree. A long time ago I did some work on implementing grantpt()
in glibc using a setuid helper program. Let's say I was young and
naive... But it didn't end well.