Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PVF worker: apply sandboxing per-process #600

Closed
mrcnski opened this issue Jul 13, 2023 · 0 comments · Fixed by #1373 · May be fixed by paritytech/polkadot#7580
Closed

PVF worker: apply sandboxing per-process #600

mrcnski opened this issue Jul 13, 2023 · 0 comments · Fixed by #1373 · May be fixed by paritytech/polkadot#7580
Assignees

Comments

@mrcnski
Copy link
Contributor

mrcnski commented Jul 13, 2023

Currently we apply sandboxing per-thread, when it should be per-process. This shouldn't be a big change, we just need sandboxing exceptions for the artifacts/cache directories.

This should be a priority. Without it, the sandboxing we have with landlock is not really secure.

Related

This is also a blocker for paritytech/polkadot#7334.

@mrcnski mrcnski self-assigned this Jul 13, 2023
@Sophia-Gold Sophia-Gold transferred this issue from paritytech/polkadot Aug 24, 2023
@github-project-automation github-project-automation bot moved this from In Progress to Done in PVF Security Hardening Sep 28, 2023
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 8, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 8, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 8, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 8, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 9, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 10, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
serban300 pushed a commit to serban300/polkadot-sdk that referenced this issue Apr 10, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
bkchr pushed a commit that referenced this issue Apr 10, 2024
* estimate_message_delivery_and_dispatch_fee runtime API

* auto-determine message fees in relay

* remove fee argument from relay calls

* Fix import of weight contant

Co-authored-by: Hernando Castano <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
1 participant