Why does a phone ask for permission before an application may access the internet, yet any software dependency on a server can reach the internet at will? It doesn't have to be this way. You will see a working prototype that puts privacy first.
-- Open a TCP connection with Sndl's net module and write one line to it.
local host, port = "localhost", 2100
local net = require("net")
local tcp = net.connect(host, port)   -- fails unless net holds a grant for localhost:2100
tcp:send("hello world\n")
In Sndl, this code fails unless the net module has been given explicit permission to read from and write to localhost on port 2100. It seems crazy in 2023 that any library can read the entire hard drive and upload it anywhere on the internet. The same privacy controls also block IO in the REPL, in third-party APIs, and more.
4 takeaways in 20 minutes
- Motivations for privacy first.
- Why existing options (Capsicum, Pledge) don't meet our needs.
- POC: Sndl, adding capabilities (controls) to Lua packages.
- Demo: Python's socket module as an example of applying package capabilities outside of Sndl.
You become what you give your attention to. - Epictetus
After years working in healthcare technology, I realized that my chief concern was privacy. Privacy incidents were orders of magnitude bigger than security incidents. The reality of limited resources means that you have to make bets. I also found that betting on digital privacy improved security, while the converse is not always true. With few chips, I had to make the bets count, so I bet almost exclusively on digital privacy. The software I was building had no privacy controls built in. That seemed like an obvious omission: if operating systems had sandboxing built in, why not programming languages?
OS-level sandboxing
In 2018, I was reading the second edition of The Design and Implementation of the FreeBSD Operating System, which describes the Capsicum capability model starting on page 174. OpenBSD's Pledge works a little differently but also provides sandboxing: pledge() restricts which system calls a process may still make, while Capsicum's capability mode cuts a process off from global namespaces so that it can only act on the file descriptors it already holds. Both are applied per process, so the pattern is privilege separation: move the vulnerable code into its own process and sandbox that process away from the non-vulnerable code. A web server written this way could pass the file descriptor of the accepted socket to the vulnerable code, which would be sandboxed out of the rest of the system. This is fantastic, but in modern software development a lot of the code we run is third-party dependencies that were not designed to run in a sandbox, and they run in the same process as our own code, where a process-level sandbox cannot tell the two apart.
Sndl (pronounced "san-dahl")
Lua is a language that is easy to embed and yet very powerful. In the past, I had embedded it in a stream evaluation engine and in automation tooling. The applications I mainly wanted to build with this POC were web apps and backend software. I wanted a good developer experience, so I chose curated permissions over general-purpose permissions. As an example, there are fine-grained permissions for reading HTTP request form fields, the request body, and multipart uploads.
Package capabilities applied to Python
Why not take the capabilities configuration from Sndl and apply it to Python? By wrapping the socket.create_connection function, we can enforce the same sandboxing. The developer experience is surprisingly smooth if we take an iterative approach: run the wrapper in an audit mode first, use its metrics and logs to find every use of socket.create_connection in a codebase, and build the configuration file from that data before switching to enforcement.
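The following is an added example of the wrapper described above, written for this page; it is not Sndl's own code, and the configuration format (a dict mapping a top-level package name to the (host, port) pairs it may open) is an assumption, as are the package names, hostnames and the `netcaps` logger name, which are all constructed for illustration. It shows the two modes the paragraph describes: audit mode records each ungranted connection so the configuration can be built from real data, and enforce mode raises instead of connecting.

```python
"""Package-scoped network capabilities for Python's socket module.

Added example, not Sndl's code or its configuration format. Each calling
package needs an explicit (host, port) grant before socket.create_connection
is allowed through. Audit mode only records what would be denied (the data
the configuration file is built from); enforce mode raises PermissionError.
"""
import inspect
import logging
import socket
from collections import Counter

log = logging.getLogger("netcaps")

# Constructed, assumed config format: top-level package -> allowed endpoints.
CAPABILITIES = {
    "__main__": {("localhost", 2100)},
    "billing": {("api.example.test", 443)},
}

# Stdlib transports are skipped when attributing a call, so a dependency
# that connects through http.client is charged, not the stdlib itself.
SKIP_PACKAGES = {"socket", "ssl", "http", "urllib"}

# Observed denials: (package, host, port) -> count. Feeds suggest_config().
DENIALS = Counter()

_ORIGINAL_CONNECT = socket.create_connection


def caller_package():
    """Top-level package of the nearest frame outside this module and SKIP_PACKAGES."""
    frame = inspect.currentframe()
    try:
        while frame is not None:
            if frame.f_globals is not globals():
                top = frame.f_globals.get("__name__", "").split(".")[0]
                if top not in SKIP_PACKAGES:
                    return top
            frame = frame.f_back
        return "<unknown>"
    finally:
        del frame  # break the frame reference cycle


def decide(package, host, port, config=CAPABILITIES):
    """True when `package` holds a grant for (host, port)."""
    return (host, port) in config.get(package, set())


def make_guard(config=CAPABILITIES, enforce=True,
               connect=_ORIGINAL_CONNECT, resolver=caller_package):
    """Build a drop-in replacement for socket.create_connection.

    `connect` and `resolver` are injectable so the guard can be exercised
    offline with a fake transport and a fixed calling package.
    """
    def guarded(address, *args, **kwargs):
        host, port = address
        package = resolver()
        if not decide(package, host, port, config):
            DENIALS[(package, host, port)] += 1
            log.warning("netcaps: %s -> %s:%s has no grant", package, host, port)
            if enforce:
                raise PermissionError(f"{package} has no capability for {host}:{port}")
        return connect(address, *args, **kwargs)
    return guarded


def suggest_config(denials=DENIALS, base=CAPABILITIES):
    """Merge recorded denials into the config: the iterative audit step."""
    merged = {pkg: set(endpoints) for pkg, endpoints in base.items()}
    for (package, host, port) in denials:
        merged.setdefault(package, set()).add((host, port))
    return merged


def install(config=CAPABILITIES, enforce=False):
    """Start in audit mode; switch to enforce=True once the config is complete."""
    socket.create_connection = make_guard(config, enforce)


if __name__ == "__main__":
    # Offline demo: a fake transport stands in for the real connect call.
    audit = make_guard(enforce=False, connect=lambda addr, *a, **k: f"sock->{addr}",
                       resolver=lambda: "billing")
    audit(("metrics.example.test", 9090))  # recorded in DENIALS, not blocked
    print(suggest_config())
```

Start with `install(enforce=False)`, run the test suite or a staging workload, and turn the recorded denials into grants with `suggest_config()`; only then flip to `enforce=True`. Two caveats a practitioner will hit: attribution walks the call stack, so a third-party HTTP client not listed in SKIP_PACKAGES is charged for the connections its callers make (add such transports to the skip set), and this wrapper only covers `socket.create_connection`, so a dependency that calls `socket.socket().connect` directly bypasses it and needs the same treatment.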