forked from zenhack/tempest
-
Notifications
You must be signed in to change notification settings - Fork 0
/
BLOCKERS
22 lines (18 loc) · 931 Bytes
/
BLOCKERS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
This file documents known issues that must be addressed before
tempest should be relied upon.
Absolute blockers:
- [ ] Address all FIXME comments in the source code.
- [x] Load a seccomp-bpf filter in the sandbox launcher.
- [x] Set max file limits in sandbox setup (setrlimit(RLIMIT_NOFILE, ...)).
- [ ] Do some verification that sandbox-launcher actually
properly drops privileges; right now this isn't well tested.
- [x] Do actual filtering of http traffic, rather than just passing everything through.
- [ ] Memory limits on capnp connections
- [ ] from the outside
- [ ] from apps
- [ ] Audit session implementation
- [ ] Sanity check cookies have proper attributes/aren't visible from js etc.
- [ ] Make sure we're checking Origin headers and such everywhere we can to mitigate CSRF.
Things that really *should* be dealt with, but aren't regressions from
sandstorm:
- [ ] Performance isolation with cgroups