mweinelt
commented
2 years ago Prefixes to block should be taken from a well maintained list like https://bgpfilterguide.nlnog.net/guides/bogon_prefixes/
Open grahamc opened 2 years ago
mweinelt
commented
2 years ago Prefixes to block should be taken from a well maintained list like https://bgpfilterguide.nlnog.net/guides/bogon_prefixes/
edolstra
commented
2 years ago Hm, why does enabling the sandbox break a lot of applications?
grahamc
commented
2 years ago My understanding is a lot of macOS applications have to find executables on the libraries on the host to successfully build, and that they cannot be provided purely. I've asked @abathur to weigh in.
abathur
commented
2 years ago I don't have the best sense of scale (how many break), but I can give a concrete example: I just ran into an instance of https://github.com/NixOS/nixpkgs/pull/82815#pullrequestreview-378020216 the other day in qtpass while running nixpkgs-review.
cole-h
commented
2 years ago I've done a little bit of playing around with the current sandbox profiles we use in a VM running Big Sur 11.6.3.
Even allowing local networking (by locally patching out the param check at https://github.com/NixOS/nix/blob/7c64a9dfd4a8e9e171ea8b5c1806ca079b2f19ca/src/libstore/sandbox-defaults.sb#L44; I understand that this is guarded for a reason, but it doesn't appear to do what its name implies) appears to also allow global networking:
# test.nix
let
pkgs = import <nixpkgs> { };
in
pkgs.runCommand "test"
{
buildInputs = with pkgs; [
curl
];
}
''
curl google.com
touch $out
''nixos@nixoss-iMac-Pro nix % ./outputs/out/bin/nix-build test.nix
this derivation will be built:
/nix/store/lgwli1ks5n22s6snxvrjafmppx32bj6m-test.drv
building '/nix/store/lgwli1ks5n22s6snxvrjafmppx32bj6m-test.drv'...
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
/nix/store/sns084dvj9rh4yy3g0fspmi46ayizi5r-test(This is with sandbox = true.)
One part of this ticket would probably be to investigate how to lock that down even further.
(For any interested parties, I was able to find "some" reverse-engineered documentation on the .sb file syntax at https://github.com/0xbf00/simbple/blob/master/src/scm/sbpl_v1.scm and https://reverse.put.as/wp-content/uploads/2011/09/Apple-Sandbox-Guide-v0.1.pdf.)
szlend
commented
7 months ago This can be fixed with:
diff --git a/src/libstore/build/sandbox-defaults.sb b/src/libstore/build/sandbox-defaults.sb
index 25ec11285..2ad5fb616 100644
--- a/src/libstore/build/sandbox-defaults.sb
+++ b/src/libstore/build/sandbox-defaults.sb
@@ -45,7 +45,7 @@ R""(
; allow it if the package explicitly asks for it.
(if (param "_ALLOW_LOCAL_NETWORKING")
(begin
- (allow network* (local ip) (local tcp) (local udp))
+ (allow network* (remote ip "localhost:*"))
; Allow access to /etc/resolv.conf (which is a symlink to
; /private/var/run/resolv.conf).I tested these scenarios with netcat on MacOS 14.3.1 (23D60):
They had a similar issue in Bazel: https://github.com/bazelbuild/bazel/issues/10068
I'll draft an MR when I find some time. Ideally the sandbox would have some sort of standalone integration tests without having to go through nix (daemon).
Is your feature request related to a problem? Please describe.
Today, one of hydra.nixos.org's Macs on Hetzner got an abuse report threatening to shut down the server. What happened is the mac built an IPFS related package, started and IPFS server, and spammed the network with traffic. This was not a fixed output derivation.
As I understand it, enabling the full sandbox on macOS breaks building a lot of applications. Therefore, the macOS instances run with
sandbox = false.Describe the solution you'd like I'd like there to be a minimal sandbox which disables non-localhost network access when building non-FODs.
Describe alternatives you've considered
sandbox = trueand seeing if we can figure it out (but this sounds bad and not likely.)Additional context
n/a