systrace'd ports build

Hi there!

The attached diff wraps regular port build targets (from pre-extract to post-package) with systrace calls and provides the necessary infrastructure to create a policy for each port on distfile extraction.

Systrace is activated by setting USE_SYSTRACE=Yes in a port's Makefile, /etc/mk.conf or on the command line. The included policy forbids a port to write outside its WRKOBJDIR, except for a few exceptions and should furthermore forbid any port to open a network connection.

I did a full package build with a variant of this diff and am running this diff for a few days now. So far I only recognized gtk+2 as being not buildable with USE_SYSTRACE=Yes.

Please test this and give me some feedback. I'd also like to know whether this is seen as useful or not.

>From my experience systrace can be a large performance penalty on large
ports like qt3, especially on slow machines. Therefore I suggest this patch be used by porters while porting or testing other people's ports, to ensure the port doesn't do anything nasty. Nasty stuff is logged to /var/log/messages.

Again, please give me feedback on this!

Nikolay

-- 
OpenPGP: 0x2036A3A7 - 64E4 7D77 F5C0 EA47 A901  51EF 6E54 6E4F 2036 A3A7

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related openbsd.org Links advocacy announce bugs ipv6 misc ports ports-changes security-announce smp source-changes tech Request more information about Pantek