[opam-devel] OPAM 1.3 roadmap

Roberto Di Cosmo roberto at dicosmo.org
Tue Feb 24 07:28:46 GMT 2015 

Thanks a lot, Peter, that's precious information (even if
unfortunately the result is not what we would like...)

So it seems that on OS X one should stick to the LD_PRELOAD
trick, which is not perfect, but it's much better than nothing

On Mon, Feb 23, 2015 at 12:54:22PM +0300, Peter Zotov wrote:
> Roberto Di Cosmo wrote:
> >What I do not know is whether something similar is available for *BSD, and
> >even less for Windows.
> 
> I have spent an extended amount of time on this issue in OS X.
> Plain and simple, it is not possible to intercept syscalls on XNU.
> The ptrace API does not implement PTRACE_SYSCALL, and the equivalent
> Mach API, task_set_emulation, has not ever been implemented.
> I've looked into the XNU sources too and there is simply no codepath
> that performs what you need.
> 
> Forget about this kind of user-space sandboxing on OS X.
> 
> However, OS X provides an explicit sandboxing mechanism since 10.5.
> I don't think it will work for opam either:
> 
> The app sandbox container directory has the following characteristics:
> It is located at a system-defined path, within the user’s home directory.
> The container is in a hidden location, and so users do not interact with it
> directly.
> 
> (from https://developer.apple.com/library/mac/documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW6)
> 
> -- 
> Peter Zotov

-- 
Roberto Di Cosmo
 
------------------------------------------------------------------
Professeur               En delegation a l'INRIA
PPS                      E-mail: roberto at dicosmo.org
Universite Paris Diderot WWW  : http://www.dicosmo.org
Case 7014                Tel  : ++33-(0)1-57 27 92 20
5, Rue Thomas Mann       
F-75205 Paris Cedex 13   Identica: http://identi.ca/rdicosmo
FRANCE.                  Twitter: http://twitter.com/rdicosmo
------------------------------------------------------------------
Attachments:
MIME accepted, Word deprecated
      http://www.gnu.org/philosophy/no-word-attachments.html
------------------------------------------------------------------
Office location:
 
Bureau 3020 (3rd floor)
Batiment Sophie Germain
Avenue de France
Metro Bibliotheque Francois Mitterrand, ligne 14/RER C
-----------------------------------------------------------------
GPG fingerprint 2931 20CE 3A5A 5390 98EC 8BFC FCCA C3BE 39CB 12D3

More information about the opam-devel mailing list