Re: Privilege separation
lists+dhcpcd
Mon Jun 25 15:10:15 2018
On Mon, Jun 25, 2018 at 09:19:35AM +0100, Roy Marples wrote:
> Happy to consider pledge patches. I have almost zero knowledge in this area.

This is actually something I could potentially help with. I believe I
can use ktrace for a good starting point, and add pledge permissions
until we get a working product.

> > As the OpenBSD port maintainer for dhcpcd it's something I'd quite like
> > to have, but it's going to be a reasonable amount of work, especially
> > if it needs to be disable-able via #ifdefs..
>
> The biggest issue with doing this is that more memory and resources would be
> used up which is not something everyone wants.
> dhcpcd is very customisable in how the end binary looks. The last time I
> checked you could get it as small as 20k, but also lost a lot of
> functionality too. I see this as being no different in this regard.

I'm obviously biased in this area, but I think it would be a huge win
for the community to have a "secured" (at minimum non-root where
possible) dhcpv6 client, as I can't seem to find one. I don't believe
it would significantly bloat the code (at least I've seen this done over
and over in OpenBSD base without doing so), and having processes with
auditable interfaces would be nice along with paving the way for
pledge() or SELinux(?). I'm not a security expert, but this seems to be
the pattern that network daemons and browsers are trending towards these
days.

That being said I think you've done some great work! I wouldn't fault
you for disregarding this information, as you've done far more than I
ever have :)

> The only people asking for this are OpenBSD users. I have noticed the number
> of OpenBSD users is steadily growing.

I'm one of these guys :)