Hi, First off, I apologize if this is not the correct place to report such things. If it's not, please let me know and I'll create it elsewhere. Beaglebone and possibly most ARM boards seem to not have CAPABILITIES enabled. Would it be reasonable to turn it on by default, especially for FreeBSD 11? Additionally, the behavior is strange. If the program calls cap_enter() it is not killed, it silently proceeds and you can only tell that it's not working by the effect of the program (putting cap_enter() before open(), for instance), or watching it with truss. It seems slightly misleading from a security standpoint that way. So this request goes two ways. First: If Capsicum is not supported, should the program be killed if it tries to use Capsicum? Second: Should Capsicum be turned on by default on the ARMv6 branch? Thank you, Teran
Has anyone had a chance to look into this? Thank you!
A commit references this bug: Author: emaste Date: Thu Sep 13 21:00:17 UTC 2018 New revision: 338666 URL: https://svnweb.freebsd.org/changeset/base/338666 Log: Enable Capsicum on armv6/armv7 We ought to be consistent across our Tier-1 and nearly-Tier-1 architectures, so enable Capsicum for 32-bit armv6/armv7 by default. PR: 204008 Reviewed by: ian, oshogbo Approved by: re (gjb) Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D17023 Changes: head/sys/arm/conf/std.armv6 head/sys/arm/conf/std.armv7