joeyh, 2 months ago

Here's the malicious commit that disabled the Landlock sandbox. Pretty slick!

https://git.tukaani.org/?p=xz.git;a=commitdiff;h=328c52da8a2bbb81307644efdb58db2c422d9ba7

• A compile check is done here because some systems have

• linux/landlock.h, but do not have the syscalls defined

• in order to actually use Linux Landlock.

That may even be true.

jamescooke, 2 months ago

@joeyh Took me ages 😬

demiurg, 2 months ago

@jamescooke @joeyh Thank you...I didn't see it the umpteenth time I read it and was about to lose my mind over people talking about dots.

UkiahSmith, 2 months ago

@joeyh would this be something linting and formatters would catch, or make easier to catch?

At the least it would properly indent which might make it more obvious.

jamescooke, 2 months ago

@UkiahSmith @joeyh I’m no C person, but I think this would be hard. It looks to me like the code is packed inside a string - someone would have to turn on a linter and explicitly check that string.

0x, 2 months ago

@joeyh So sneaky. I reviewed the code several times before I even saw the added '.'

tshirtman, 2 months ago

@0x @joeyh damn, this “underhanded c contest” worthy, even after your comment, and understanding something must make this code not compile, I had a hard time spotting it.

cloud_manul, 2 months ago

@joeyh I am not an expert in C, can you explain what is caused by the addition of the dot?

timbray, 2 months ago

@cloud_manul @joeyh The . would cause the code to fail to compile, which would be detected and thus disable the landlock capability.