Week 6 Blog: Mid-Internship Progress Report

In the following, I cover the primary plan of the internship period, and what changes happened while getting close to the mid-internship.

Original Internship Project Timeline

The main plan of the internship includes three main tasks as follows:

• Abstract unix socket control: implementation of an scoping mechanism for abstract unix sockets when it tries to connect to a non-sandboxed socket.
• Signal scoping mechanism: Same as abstract unix sockets, but for handling signals.
• Socket type control:Being able to restrict any kind of socket would definitely be useful for a sandbox.

We broke them down into six milestones. Each task has two milestones for developing the kernel and test/documentation parts.

Goals Met

The goal was to start from a more straightforward task and become more familiar with the codes and repository, focusing on more complex tasks. Therefore, we start from the first task and learn more about how landlock works and how the scoping mechanism should be implemented.

Accomplishments in the First Half

I have been able to submit several versions of codes for the first and second tasks. Each version demonstrates my efforts in solving different issues that I faced during the solution's implementation. Here are different versions of the code:

• Patch V1
• Patch V2
• Patch V3
• Patch v4
• Patch V6
• Patch Serie - Final Submission

In this part, I want to express my gratitude to my mentors, Mickael and Paul, who helped me every step of the way.

Project Goals That Took Longer Than Expected

One of the steps that I did not expect more time was when I was trying to scope the Abstract Unix sockets with the credentials of the process using it. Since the datagram sockets do not store the credentials in the sockets, we had to change our solution, which led to changing our testing and implementation. Hopefully, we can handle this complexity in the expected time. Thanks to my mentors for their support.

What would you do differently if you were starting the project over?

I would spend more time on documentation. I keep track of everything via email, but I think it would benefit the open-source community if I could provide more details on each step of my work through more descriptive documents.

Modified Goals

Since another member of the community has already solved my third task, I need to pick another task. Hopefully, I have some backup tasks on my mind:

1. List is under updates!

[1] background image : link