Closed tmokmss closed 2 months ago
This environment variable is designed for debugging, we can quickly dig out which syscall is required but missed, setting it globally could bring some risks. for example, someone make it unlimited to ensure everything works fine, but at the same time it increases risks.
But it's valuable sometimes, I think it can be merged
But you had better made it a config here https://github.com/langgenius/dify-sandbox/blob/main/internal/types/config.go
And comment it with "Please leave it empty if you have no idea how seccomp works"
@Yeuoly Thanks, I made it a config value. I agree with that it increases risks, but there are usecases that we can compromise (e.g. using self-hosted dify just for their own.)
@Yeuoly Hi, gentle reminder just in case if you missed to click the merge button.
Usecase: I want to allow certain system calls without re-building the sandbox binary to use some additional packages.
The ALLOWED_SYSCALLS is read here in the child process:
https://github.com/langgenius/dify-sandbox/blob/d848aa91a1669b4a1f5052f53993445f4c8163b1/internal/core/lib/python/add_seccomp.go#L31-L40
Let me know if there is any reason to deny to set ALLOWED_SYSCALLS environment variables dynamically 🙏