Limit the attack surface of spotifyd, an internet-facing network daemon with read/write filesystem access and options to execute arbitrary commands.
Most importantly, prevent fork(2)/execve(2) unless onevent is used.
While the set of runtime promises retains full read/write filesystem as well as network access (for now), it does exclude a number of groups of unused system calls -- see the manual[0] for details.
OpenBSD's official package has been shipping this patch for a month by now without any regressions or reports of breakage.
0: https://man.openbsd.org/pledge.2
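
The conditional promise set described above, as an added sketch that is not the code of this patch or of spotifyd. The baseline promise list and the names `runtime_promises`, `apply_pledge` and `sys_pledge` are assumptions for illustration; only the rule that `proc` and `exec` are granted solely when onevent is configured comes from the description.

```rust
use std::ffi::CString;
use std::io;

// Assumed baseline (not taken from the patch): stdio plus read/write/create
// filesystem access and network access, which the description says are kept.
const BASE_PROMISES: &[&str] = &["stdio", "rpath", "wpath", "cpath", "inet", "dns"];

/// Build the pledge(2) promise string; fork/execve are only allowed when an
/// onevent hook is configured (a non-empty command).
pub fn runtime_promises(onevent: Option<&str>) -> String {
    let mut promises: Vec<&str> = BASE_PROMISES.to_vec();
    if onevent.map_or(false, |cmd| !cmd.trim().is_empty()) {
        promises.extend_from_slice(&["proc", "exec"]);
    }
    promises.join(" ")
}

#[cfg(target_os = "openbsd")]
extern "C" {
    fn pledge(promises: *const std::os::raw::c_char,
              execpromises: *const std::os::raw::c_char) -> std::os::raw::c_int;
}

#[cfg(target_os = "openbsd")]
fn sys_pledge(promises: &CString) -> io::Result<()> {
    // A NULL execpromises leaves the exec-time promise set unchanged.
    if unsafe { pledge(promises.as_ptr(), std::ptr::null()) } == -1 {
        return Err(io::Error::last_os_error());
    }
    Ok(())
}

#[cfg(not(target_os = "openbsd"))]
fn sys_pledge(_promises: &CString) -> io::Result<()> {
    Ok(()) // pledge(2) does not exist here; nothing is restricted
}

/// Apply the promise set to the current process.
pub fn apply_pledge(promises: &str) -> io::Result<()> {
    let c = CString::new(promises)
        .map_err(|e| io::Error::new(io::ErrorKind::InvalidInput, e))?;
    sys_pledge(&c)
}

fn main() -> io::Result<()> {
    let onevent: Option<&str> = None; // constructed sample: no hook configured
    apply_pledge(&runtime_promises(onevent))
}
```

On OpenBSD, a process pledged without `proc` and `exec` is killed by the kernel if it later calls fork(2) or execve(2).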