[Semibug] Will OpenBSD's Pledge and Unveil stop this?

Jonathan Drews jondrews at fastmail.com
Thu Mar 2 12:11:49 EST 2023


Josh:

 Thanks so much for clarifying.

On Thu, Mar 2, 2023, at 10:07, Josh Grosse wrote:
> On Thu, Mar 02, 2023 at 09:43:36AM -0700, Jonathan Drews wrote:
> > Guys and gals:  
> > 
> >  I read this:
> > It's official: BlackLotus malware can bypass Secure Boot on Windows machines
> > https://www.theregister.com/2023/03/01/blacklotus_malware_eset/
> > 
> > Will Pledge and Unveil prevent something like this from invading my OpenBSD laptop?
> 
> I don't think so, it's a different attack vector.  Please also note that
> this is an attack against Secure Boot, which isn't used by OpenBSD.
> 
> The pledge(2) and unveil(2) syscalls are designed for use by the
> application developer to intentionally restrict her application
> to a subset of syscalls or a subset of filesystems.  Useful primarily
> for ensuring the application behaves as the developer intended.
> 
> With pledge() the application aborts if an unauthorized syscall is 
> made, and with unveil() the application fails to open, read, or write
> to unauthorized files or directories.
> 
> 
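The behaviour Josh describes can be observed from a parent process. The following is an added example, not code from the thread or from OpenBSD: the helper name `probe_sandbox`, its constants and the sample paths are assumptions. A forked child unveils one directory read-only, pledges `"stdio rpath"`, then tries a file inside and outside that directory and optionally calls socket(2). On systems other than OpenBSD the two calls are compiled out, so the file still builds but applies no restriction.

```c
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <unistd.h>

#define OPENED_INSIDE  1     /* file under the unveiled directory opened */
#define OPENED_OUTSIDE 2     /* file outside the unveiled directory opened */
#define CHILD_KILLED   (-2)  /* child died from a signal (pledge violation) */

/* Return 1 if path can be opened read-only, 0 otherwise. */
static int can_open(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd == -1) return 0;
    close(fd);
    return 1;
}

/* Hypothetical helper (added example): fork a child, restrict it, probe.
 * use_socket makes the child call socket(2), not covered by "stdio rpath".
 * Returns OPENED_* bits, CHILD_KILLED, or -1 on setup failure. */
int probe_sandbox(const char *allowed_dir, const char *inside,
                  const char *outside, int use_socket)
{
    pid_t pid = fork();
    if (pid == -1) return -1;
    if (pid == 0) {
#ifdef __OpenBSD__
        /* Only allowed_dir stays visible to this process, read-only. */
        if (unveil(allowed_dir, "r") == -1) _exit(127);
        /* No "unveil" promise here, so the unveil list is locked as well. */
        if (pledge("stdio rpath", NULL) == -1) _exit(127);
#else
        (void)allowed_dir;   /* not OpenBSD: built without restrictions */
#endif
        int bits = (can_open(inside) ? OPENED_INSIDE : 0) |
                   (can_open(outside) ? OPENED_OUTSIDE : 0);
        if (use_socket)
            (void)socket(AF_INET, SOCK_STREAM, 0);   /* would need "inet" */
        _exit(bits);
    }
    int status;
    if (waitpid(pid, &status, 0) == -1) return -1;
    if (WIFSIGNALED(status)) return CHILD_KILLED;
    return WEXITSTATUS(status) == 127 ? -1 : WEXITSTATUS(status);
}
```

On OpenBSD, `probe_sandbox("/dev", "/dev/null", "/etc/passwd", 0)` returns `OPENED_INSIDE` only, and the same call with `use_socket` set to 1 returns `CHILD_KILLED` because the kernel aborts the child at the socket(2) call.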