redox-os issueshttps://gitlab.redox-os.org/groups/redox-os/-/issues2021-06-01T13:57:01Zhttps://gitlab.redox-os.org/redox-os/ion/-/issues/705Add `type`-builtin instead of `which`2021-06-01T13:57:01ZMichael Aaron Murphymmstick@pm.meAdd `type`-builtin instead of `which`*Created by: LeonardKoenig*
**Description**: `which` is a remnant of csh and behaves on many shells differently, `type` has since replaced it as a portable and standardized alternative, cf. https://unix.stackexchange.com/questions/85249...*Created by: LeonardKoenig*
**Description**: `which` is a remnant of csh and behaves on many shells differently, `type` has since replaced it as a portable and standardized alternative, cf. https://unix.stackexchange.com/questions/85249/why-not-use-which-what-to-use-then
**Proposed change**: Add `type` shell-builtin, possibly deprecate/remove `which`.Ion Shell v1.0.0https://gitlab.redox-os.org/redox-os/relibc/-/issues/73Implement mman.h definitions2023-04-01T20:40:59ZDan RobertsonImplement mman.h definitionsImplement the [sys/mman.h] definitions.
- options
- [x] `PROT_READ`
- [x] `PROT_WRITE`
- [x] `PROT_EXEC`
- [x] `PROT_NONE`
- flags
- [x] `MAP_SHARED`
- [x] `MAP_PRIVATE`
- [x] `MAP_FAILED` (implemented in bits/sys...Implement the [sys/mman.h] definitions.
- options
- [x] `PROT_READ`
- [x] `PROT_WRITE`
- [x] `PROT_EXEC`
- [x] `PROT_NONE`
- flags
- [x] `MAP_SHARED`
- [x] `MAP_PRIVATE`
- [x] `MAP_FAILED` (implemented in bits/sys/mman.h)
- [x] mlock and posix_madvise constants
- [ ] more
[sys/mman.h]: http://pubs.opengroup.org/onlinepubs/007904875/basedefs/sys/mman.h.htmlhttps://gitlab.redox-os.org/redox-os/relibc/-/issues/79Create cargo-fuzz targets2018-06-13T19:39:51ZDan RobertsonCreate cargo-fuzz targetsCreate [cargo-fuzz] targets for relevant functions. It would be particularly easy to create a fuzzer target for some of the functions in the [string] crate.
[cargo-fuzz]: https://github.com/rust-fuzz/cargo-fuzz
[string]: https://gith...Create [cargo-fuzz] targets for relevant functions. It would be particularly easy to create a fuzzer target for some of the functions in the [string] crate.
[cargo-fuzz]: https://github.com/rust-fuzz/cargo-fuzz
[string]: https://github.com/redox-os/relibc/tree/master/src/stringhttps://gitlab.redox-os.org/redox-os/relibc/-/issues/158Will Redox-OS have a hardened malloc?2019-09-20T03:06:17ZJeremy SollerWill Redox-OS have a hardened malloc?*Created by: redox-questions*
OpenBSD has an "S" option for malloc (mitigation):
ln -fs S /etc/malloc.conf
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/malloc.c
https://man.openbsd.org/malloc.conf
S - Ena...*Created by: redox-questions*
OpenBSD has an "S" option for malloc (mitigation):
ln -fs S /etc/malloc.conf
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/malloc.c
https://man.openbsd.org/malloc.conf
S - Enable all options suitable for security auditing.
C - “Canaries”. Add canaries at the end of allocations in order to detect heap overflows. The canary's content is checked when free(3) is called. If it has been corrupted, the process is aborted.
G - “Guard”. Enable guard pages. Each page size or larger allocation is followed by a guard page that will cause a segmentation fault upon any access.
J - “More junking”. Increase the junk level by one if it is smaller than 2.
Will Redox OS use them by default & mandatory?
Thanks.https://gitlab.redox-os.org/redox-os/userutils/-/issues/34User enumeration at login2018-06-13T19:39:51ZJeremy SollerUser enumeration at login*Created by: xTibor*
The `login` program is vulnerable to user enumeration. It only asks for a password and does a timeout when the specified user account exists, thus allowing malicious actors to brute force the possible users at a rat...*Created by: xTibor*
The `login` program is vulnerable to user enumeration. It only asks for a password and does a timeout when the specified user account exists, thus allowing malicious actors to brute force the possible users at a rate of hundreds of usernames per second. (when login asks for a password = valid user on the system).
**Demo:**
https://www.youtube.com/watch?v=7XfipgWmpxM
**Possible fix:**
Ask for a password and do a timeout even the specified user doesn't exist.https://gitlab.redox-os.org/redox-os/orbutils/-/issues/44User enumeration in orblogin2018-06-13T19:39:51ZJeremy SollerUser enumeration in orblogin*Created by: xTibor*
Similar to https://github.com/redox-os/userutils/issues/34. The difference is that when there's a timeout on the login attempt that means the user exists on the system. The usernames can also be brute forced, just a...*Created by: xTibor*
Similar to https://github.com/redox-os/userutils/issues/34. The difference is that when there's a timeout on the login attempt that means the user exists on the system. The usernames can also be brute forced, just at a slower rate.https://gitlab.redox-os.org/redox-os/userutils/-/issues/35Input validation in useradd2021-11-02T17:15:06ZJeremy SollerInput validation in useradd*Created by: xTibor*
`usedadd` doesn't seem to validate its input arguments. Usernames containing newlines and semicolons can corrupt the `group` and `passwd` files.
**Example:**
```
user:~# sudo useradd "aaa
bbb
ccc"
``...*Created by: xTibor*
`usedadd` doesn't seem to validate its input arguments. Usernames containing newlines and semicolons can corrupt the `group` and `passwd` files.
**Example:**
```
user:~# sudo useradd "aaa
bbb
ccc"
```
```
user:~# cat /etc/group
root;0;root
user;1000;user
sudo;1;user
aaa
bbb
ccc;1001;aaa
bbb
ccc
```
```
user:~# cat /etc/passwd
root;$argon2i$m=4096,t=10,p=1$Tnc4UVV0N00$ML9LIOujd3nmAfkAwEcSTMPqakWUF0OUiLWrIy0nGLk;0;0;root;file:/root;file:/bin/ion
user;;1000;1000;user;file:/home/user;file:/bin/ion
aaa
bbb
ccc;!;1001;1001;aaa
bbb
ccc;/;file:/bin/ion
```https://gitlab.redox-os.org/redox-os/relibc/-/issues/94Make the root build.rs smarter2018-06-13T19:39:51ZDan RobertsonMake the root build.rs smarterCurrently we create a crate for each header we want to output. As a result there is quite a bit of super generic work that occurs when a new header is created. We could create a build script for the root crate that functions more like th...Currently we create a crate for each header we want to output. As a result there is quite a bit of super generic work that occurs when a new header is created. We could create a build script for the root crate that functions more like the [`main` in cbindgen](https://github.com/eqrion/cbindgen/blob/master/src/main.rs) that is used for their test script. This would allow us to use modules or crates (in the rare case that wee need it) to build a new header.
### Example
We currently have the following
```
├── src
│ ├── simple
│ │ ├── Cargo.toml
│ │ ├── cbindgen.toml
│ │ ├── build.rs
│ │ └── src
│ │ └── lib.rs
│ └── complex
│ ├── Cargo.toml
│ ├── cbindgen.toml
│ ├── build.rs
│ └── src
│ ├── lib.rs
│ └── other-stuff.rs
...
```
If we make the root `build.rs` a bit smarter. AFAIK we could have something like the following.
```
├── src
│ ├── simple.rs
│ ├── other.rs
│ ├── other.toml
│ └── complex
│ ├── Cargo.toml
│ ├── cbindgen.toml
│ └── src
│ ├── lib.rs
│ └── other-stuff.rs
...
```
Where `other` needs it's own config and `simple` can just use the default config.https://gitlab.redox-os.org/redox-os/syscall/-/issues/26fchmod API2021-08-06T13:19:17ZSamwiseFilmoremggmugginsmc@gmail.comfchmod API`fchmod` takes two `u32`'s as uid and gid which are subsequently cast to usize. Everywhere else in the API uids and gids are `usize`. I'd prefer to just use `u32` for uid and gid, but that's a personal preference and since `usize` is use...`fchmod` takes two `u32`'s as uid and gid which are subsequently cast to usize. Everywhere else in the API uids and gids are `usize`. I'd prefer to just use `u32` for uid and gid, but that's a personal preference and since `usize` is used everywhere else, I don't mind too much, but I'd like to see `fchmod` get changed to reflect the decision on type for uid and gid, regardless.
Originally posted in #21 https://gitlab.redox-os.org/redox-os/relibc/-/issues/101signal: Implement sigaction2023-02-26T10:24:25ZDan Robertsonsignal: Implement sigaction`sigaction` is not currently implemented, and is needed for implementing `signal` etc.
- [x] Implement basic wrappers for the `sigaction` syscall for linux and redox in the `platform` crate.
- [ ] Implement `restorer` for linux. (It loo...`sigaction` is not currently implemented, and is needed for implementing `signal` etc.
- [x] Implement basic wrappers for the `sigaction` syscall for linux and redox in the `platform` crate.
- [ ] Implement `restorer` for linux. (It looks like [redox-os/syscall] already implements `sigrestore`)
- [ ] Implement `sigaction` in the `signal` crate.
[redox-os/syscall]: https://github.com/redox-os/syscallhttps://gitlab.redox-os.org/redox-os/pkgutils/-/issues/26Use/study TUF (The Update Framework) for security design2018-06-26T12:52:12ZJeremy SollerUse/study TUF (The Update Framework) for security design*Created by: sptankard*
In there interest of doing things the right way from the beginning, I think looking at TUF and potentially using some of the codebase may be a good idea (there's a rust-lang version). What TUF is:
> The Updat...*Created by: sptankard*
In there interest of doing things the right way from the beginning, I think looking at TUF and potentially using some of the codebase may be a good idea (there's a rust-lang version). What TUF is:
> The Update Framework (TUF) helps developers maintain the security of a software update system, even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.
https://github.com/theupdateframework/tuf
https://theupdateframework.github.io/security.html
https://github.com/theupdateframework/specification/blob/master/tuf-spec.md#the-update-framework-specification
Implementation in Rust:
https://github.com/heartsucker/rust-tuf
https://docs.rs/tufhttps://gitlab.redox-os.org/redox-os/pkgutils/-/issues/27Integrate pkgutils with OSTree (libostree)2023-02-25T15:10:34ZJeremy SollerIntegrate pkgutils with OSTree (libostree)*Created by: sptankard*
OSTree has some neat properties that are particularly useful when combined in a hybrid model with a package manager.
libostree: https://github.com/ostreedev/ostree
One of the developers mentioned here the p...*Created by: sptankard*
OSTree has some neat properties that are particularly useful when combined in a hybrid model with a package manager.
libostree: https://github.com/ostreedev/ostree
One of the developers mentioned here the potential for using libostree in writing a new package manager:
https://youtu.be/4A_xl5dC210?t=15m20s
(DevConf, Colin Walters: Hybrid image/package OS updates with rpm-ostree; at 15m20s)
This has already been done for RPM/yum/DNF, but of course that system carries a lot of legacy baggage from RPM:
https://github.com/projectatomic/rpm-ostreehttps://gitlab.redox-os.org/redox-os/relibc/-/issues/103stat: Implement stat.h definitions2024-01-03T16:43:37ZJeremy Sollerstat: Implement stat.h definitions*Created by: sajattack*
I'm gonna work on this header, just making an issue so everyone knows and we don't duplicate work.
- [x] chmod
- [x] fchmod
- [x] fstat
- [x] lstat
- [x] mkdir
- [x] mkfifo
- [x] mknod (POSIX *only* needs FIFO su...*Created by: sajattack*
I'm gonna work on this header, just making an issue so everyone knows and we don't duplicate work.
- [x] chmod
- [x] fchmod
- [x] fstat
- [x] lstat
- [x] mkdir
- [x] mkfifo
- [x] mknod (POSIX *only* needs FIFO support)
- [x] stat
- [x] umaskhttps://gitlab.redox-os.org/redox-os/redox-ssh/-/issues/1Add setup instructions2018-06-13T19:39:51ZERnsTLAdd setup instructionsGreetings, please add a short step-by-step guide on how to get it running on Redox.Greetings, please add a short step-by-step guide on how to get it running on Redox.https://gitlab.redox-os.org/redox-os/redox-ssh/-/issues/2Add project to Redox cookbook2018-06-13T19:39:51ZERnsTLAdd project to Redox cookbookGreetings, Redox now has a kind of simple applications package repository, the [Redox cookbook](https://github.com/redox-os/cookbook/tree/master/recipes). Please add a recipe for ```redox-ssh``` in order to make it easily-installable and...Greetings, Redox now has a kind of simple applications package repository, the [Redox cookbook](https://github.com/redox-os/cookbook/tree/master/recipes). Please add a recipe for ```redox-ssh``` in order to make it easily-installable and more known. Also making the list of Redox applications longer :-)
Thanks and greetings.https://gitlab.redox-os.org/redox-os/relibc/-/issues/111Find a way to check the argument and return types against the OpenGroup defin...2018-11-26T13:13:44ZDan RobertsonFind a way to check the argument and return types against the OpenGroup definitionsIt was noted in #89 that it would be good to find a way to automagically check the function types against the OpenGroup definitions.It was noted in #89 that it would be good to find a way to automagically check the function types against the OpenGroup definitions.https://gitlab.redox-os.org/redox-os/termios/-/issues/1Unused import2018-06-13T19:39:49ZJeremy SollerUnused import*Created by: LuoZijun*
See title.
https://github.com/redox-os/termios/blob/61d61434c5ba1019ea3c6270a7e5b0cd74d64260/src/lib.rs#L4
https://github.com/redox-os/termios/blob/61d61434c5ba1019ea3c6270a7e5b0cd74d64260/Cargo.toml#L15*Created by: LuoZijun*
See title.
https://github.com/redox-os/termios/blob/61d61434c5ba1019ea3c6270a7e5b0cd74d64260/src/lib.rs#L4
https://github.com/redox-os/termios/blob/61d61434c5ba1019ea3c6270a7e5b0cd74d64260/Cargo.toml#L15https://gitlab.redox-os.org/redox-os/redox/-/issues/1174Tracking issue for partitioning2020-08-10T19:47:53ZJeremy SollerTracking issue for partitioning*Created by: jD91mZM2*
Tracking issue for partitioning, which is a blocking issue for multibooting.
- [ ] Decide on URI path for accessing partitions as files (as everything is a URI). Currently `nvmed` and `ahcid` will name the raw d...*Created by: jD91mZM2*
Tracking issue for partitioning, which is a blocking issue for multibooting.
- [ ] Decide on URI path for accessing partitions as files (as everything is a URI). Currently `nvmed` and `ahcid` will name the raw disks after their numbers, and the partitions of the disks as `{disk}p{partition}`.
- [x] Implement GPT
- [ ] Implement GPT in the bootloader for legacy booting
- [x] Implement GPT in the UEFI bootloader. This currently uses the EFI boot services to find partitions, so it depends on firmware support.
- [x] Implement MBR
- [x] Implement MBR in the bootloader for legacy booting
- [x] Implement MBR in the UEFI bootloader. As with GPT, this depends on firmware support.
- [ ] Make kernel respect partition boundshttps://gitlab.redox-os.org/redox-os/users/-/issues/21Proper Locking2020-12-31T18:31:53ZSamwiseFilmoremggmugginsmc@gmail.comProper LockingThis issue came to light in #20 that file locking does not work and insists on not working. I tried to do something about it under linux and that did not work. I'll do some more if I can and hopefully get that working.
On the redox si...This issue came to light in #20 that file locking does not work and insists on not working. I tried to do something about it under linux and that did not work. I'll do some more if I can and hopefully get that working.
On the redox side of things, file locking is completely unimplemented, even though the open flags are there. I may do some work. @jackpot51 is there an issue in another repository that is tracking the status of file locking in Redox?https://gitlab.redox-os.org/redox-os/redoxfs/-/issues/38File Locking2018-06-16T08:06:32ZSamwiseFilmoremggmugginsmc@gmail.comFile LockingImplement file locking. From what @jackpot51 said, locking is to be mandatory.Implement file locking. From what @jackpot51 said, locking is to be mandatory.