Y
Hacker News
new
|
ask
|
show
|
jobs
by
gonzo
3994 days ago
As noted below, Theo seems to be cautiously boarding the capabilities train with tame. That said, there appear to be some rather large issues with the implementation as it stands.
1 comments
FullyFunctional
3992 days ago
tame(2) seems really ad-hoc. Also, isn't the path checking, like
strncmp(path, "/tmp/", 5) == 0) {
trivially bypassable with a something like /tmp/../usr/bin ?
link