Open MostAwesomeDude opened 3 years ago
A straightforward, low-cost approach is: document it. That is: document that since makeFileResource provides access to the filesystem, and linux has a /proc/self/mem thingy in the filesystem, that makeFileResource on linux can access process memory in a way that violates encapsulation, memory safety, and sanity itself.
See totally_safe_transmute for a demonstration in Rust. To prevent this particular attack:
makeFileResource
.makeFileResource
. The attenuation could include traversal into subprocesses. This isn't urgent, but it's very much the sort of thing that Monte should try to abrogate.
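
An added example, not part of the thread and not Monte code: a Python sketch of the attenuation idea, wrapping a file-opening capability so that any path resolving into procfs (such as /proc/self/mem) is refused before the underlying opener is called. All names here (`make_attenuated_opener`, `is_denied`, `PathDenied`) are hypothetical.

```python
import os

# Assumption: procfs is mounted at /proc, as on a typical Linux system.
PROCFS_ROOTS = ("/proc",)


class PathDenied(Exception):
    """Raised when a path resolves into a denied subtree."""


def is_denied(path, denied_roots=PROCFS_ROOTS):
    """Return True if path, after symlink resolution, lies under a denied root.

    Resolving first matters: a symlink outside /proc that points at
    /proc/self/mem must be treated exactly like the direct path.
    """
    real = os.path.realpath(path)
    for root in denied_roots:
        root_real = os.path.realpath(root).rstrip("/")
        # Compare whole path components so "/procfoo" is not mistaken for "/proc".
        if real == root_real or real.startswith(root_real + "/"):
            return True
    return False


def make_attenuated_opener(open_file, denied_roots=PROCFS_ROOTS):
    """Wrap a file-opening capability so denied subtrees are unreachable.

    Code that is handed only the returned function never sees open_file itself,
    which is the object-capability notion of attenuation.
    """
    def attenuated_open(path, mode="r"):
        if is_denied(path, denied_roots):
            raise PathDenied("refusing to open %r" % (path,))
        # Caveat: the path is checked, then opened, so a symlink swapped in
        # between the two steps is not caught by this sketch.
        return open_file(path, mode)

    return attenuated_open


if __name__ == "__main__":
    safe_open = make_attenuated_opener(open)
    try:
        safe_open("/proc/self/mem", "rb")
    except PathDenied as exc:
        print("denied:", exc)
```

A path check of this kind only narrows what the wrapped capability can reach; the check-then-open gap noted in the comment would need the decision to be made on the opened file rather than on its name.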