Contributed by rueda on from the portable-gaming dept.
The next p2k17 report comes from Anthony J. Bentley (bentley@):
Back in April, Stefan Sperling (stsp@) asked if anyone was interested in using Atheros’s freely licensed sources to build firmware for athn(4) USB wireless cards. I never saw any takers on the mailing list, so when coming up with ideas to work on this hackathon I decided to give it a shot.
When I arrived in Berlin, Stefan had already started work on the same project. After a few days of back and forth with him and Stuart Henderson (sthen@), I came up with packages for a GCC cross-compiler, firmwares built with the cross-compiler, and a minimal patch for athn-firmware to install these firmwares.
The built firmware doesn’t perfectly match the precompiled firmware athn currently uses, so the wireless driver still needs some modifications to cope, but it hopefully won’t be too difficult to get things running. And since the source is available and freely licensed, potential future work includes both auditing the firmware and fixing any found bugs or vulnerabilities.
The next item I wanted to get done was mitigating potential danger in pkg_add(1). Some people might be unaware that pkg_add does more than just copy files from a package to the filesystem—it can execute code during installation too, if the packing list contains @exec. This is most often used for desktop software: such packages typically include special files containing menu entries, icons, filetype handlers, and so on, and use @exec to update a systemwide cache of these special files.
For example, every time the mgba-qt package is installed or updated, a program called update-desktop-database runs and adds the file mgba-qt.desktop to the desktop cache, so it shows up in your desktop’s programs menu. And every time the package is deleted, mgba-qt.desktop from the desktop cache.
Notice the word “updated” in there. Yes, update-desktop-database runs once per package, every upgrade. It parses custom file formats—a task notorious in today’s world for being prone to vulnerabilities—and what’s parsed includes data from hundreds of potentially untrustworthy sources. And it does so as the superuser. This situation just screams for privilege reduction.
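An added example, not part of the original report: a shell function that tallies which programs the installed packing lists run through @exec or @unexec lines, that is, the programs that execute as the superuser when packages are installed, updated or deleted. It assumes packing lists are stored as +CONTENTS files under /var/db/pkg; the function names, the demo packages and their versions are constructed for illustration.

```sh
#!/bin/sh
# Added example: which programs do installed packing lists run as root?
# Assumption: each package's packing list is <dbdir>/<pkgname>/+CONTENTS.

# exec_tally [DBDIR]: print "<package-count> <program>" for every program
# named first on an @exec*/@unexec* line, most widely used first.
exec_tally() {
    dbdir=${1:-/var/db/pkg}
    for contents in "$dbdir"/*/+CONTENTS; do
        [ -f "$contents" ] || continue
        # Keep the first word of the command, strip its directory, and
        # de-duplicate so each package counts a program only once.
        sed -n 's/^@\(un\)\{0,1\}exec[-a-z]*[[:space:]]\{1,\}\([^[:space:]]\{1,\}\).*/\2/p' \
            "$contents" | sed 's|.*/||' | sort -u
    done | sort | uniq -c | sort -k1,1nr -k2 | awk '{ print $1, $2 }'
}

# make_sample DIR: write a small constructed package database (package
# versions and the two demo packages are invented for this example).
make_sample() {
    mkdir -p "$1/mgba-qt-0.0" "$1/demo-editor-0.0" "$1/demo-shell-0.0"
    printf '%s\n' '@name mgba-qt-0.0' \
        'share/applications/mgba-qt.desktop' \
        '@exec %D/bin/update-desktop-database' \
        '@unexec-delete %D/bin/update-desktop-database' \
        > "$1/mgba-qt-0.0/+CONTENTS"
    printf '%s\n' '@name demo-editor-0.0' \
        '@exec %D/bin/update-desktop-database' \
        '@exec %D/bin/gtk-update-icon-cache -q -t %D/share/icons/hicolor' \
        > "$1/demo-editor-0.0/+CONTENTS"
    printf '%s\n' '@name demo-shell-0.0' 'bin/demo-shell' \
        > "$1/demo-shell-0.0/+CONTENTS"
}

# Demo on the constructed sample; on a real system call exec_tally alone.
sample=$(mktemp -d)
make_sample "$sample"
exec_tally "$sample"
rm -rf "$sample"
```

Called with no argument, exec_tally reads /var/db/pkg; a command that begins with a shell construct is tallied under that first word, so review such entries by hand.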
I mentioned it casually in the presence of Jasper Lievisse Adriaanse (jasper@)… and was happy to be greeted the next day with the news that he’d pledge(2)d the biggest risks: gtk-update-icon-cache! Nearly 800 packages run one of these programs on install, so modifying just these three makes a huge impact.
pledge() API is really well suited for this purpose. It locks down programs to a minimal subset of capabilities, perfect for processes we want to lock down for security reasons. It is also very simple to use, and the patches introduced to the tree are relatively unobtrusive.
I followed up with pledges for the remaining most common programs (glib-compile-schemas for desktop software settings, and the font tools mkfontscale—soon to be committed). Jasper and I tossed around some ideas to ratchet things down even further, but tabled them for the moment as they’d be fairly intrusive. (There is more work in this direction coming down the pipeline, though, so stay tuned…!)
The hackathon was an opportunity to take on some other tasks that I’d been too busy to get to before. One involved an occasional build failure of apertium-cat, a Catalan dictionary used by apertium (think “Google Translate” in your terminal); the fix involved forcing it to use python’s built-in XML parser rather than the py-xml package, which is no longer actively developed upstream.
Over the week I updated several other packages to newer versions and added a few brand new ones (real-time strategy unknown-horizons, PlayStation Portable emulator ppsspp, and a handful of new languages for apertium to translate). Interspersed throughout were many train rides and walks down quiet city streets.
Come Monday evening it was finally time to head homeward, and while away my time in the airport lounge with ppsspp’s built-in homebrew games.
Many thanks to Stefan for hosting another wonderful Berlin hackathon, and to the OpenBSD Foundation, other developers, and contributors who make it all possible!
Thanks for the work and the (marked up :) report!
By Anonymous Coward (126.96.36.199) on
Thank you very much for the work on the Atheros driver! It seems like every laptop I buy to run OpenBSD has that hardware in it.
By Anonymous Coward (188.8.131.52) on
Yay! The more pledge the better!