Add multiplatform notes to todo

boustrophedon · Mar 3, 2022 · 2eb4e2f · 2eb4e2f
1 parent 43db901
commit 2eb4e2f
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/todo.txt b/todo.txt
@@ -23,6 +23,14 @@
   need to determine what syscalls crossbeam channels need (if any) vs flume (if any) (std mpsc is going to be deprecated)
   - feature flag for macro with return value over channel
 
+# Multiplatform
+bsd: pledge
+osx: Seatbelt (`sandboxd`), see gaol below
+windows: ProcessSystemCallDisablePolicy?, see chrome
+
+see
+https://github.com/servo/gaol/
+and chrome?
 
 # New functionality
 https://chromium.googlesource.com/chromium/src.git/+/HEAD/docs/linux/sandboxing.md#User-namespaces-sandbox
@@ -46,5 +54,14 @@ This is the hardest part to remove as we'd have to either rewrite the bpf genera
 
 There are actually two levels of dependencies here: [The Rust bindings](https://github.com/libseccomp-rs/libseccomp-rs) and [the actual C library](https://github.com/seccomp/libseccomp)
 
+maybe use the code from gaol?
+https://github.com/servo/gaol/
+https://github.com/servo/gaol/blob/4544946c5c922ee619a932ae5c3fd1d26f143384/platform/linux/seccomp.rs#L217
+
+also can consider seccompiler, which at least brings the code into pure rust
+and possibly gives us more flexibility on filtering syscall arguments, which is
+a weakness of libseccomp
+https://crates.io/crates/seccompiler
+
 ### syscalls
 Relatively easy to remove by copying directly into the repository, but comes with a maintenance burden of having to update the lists when new syscalls are created.