From d613257841492a1e8aa7a42f9f15c93aeb6e5649 Mon Sep 17 00:00:00 2001
From: Ophestra
Date: Wed, 26 Mar 2025 07:46:13 +0900
Subject: [PATCH] sandbox/init: clear inheritable set

Inheritable should not be able to affect anything regardless of its value, due to no_new_privs.

Signed-off-by: Ophestra
---
 sandbox/init.go | 11 +++++++++--
 test/test.py    |  2 ++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/sandbox/init.go b/sandbox/init.go
index 437eb7a..0d14e5f 100644
--- a/sandbox/init.go
+++ b/sandbox/init.go
@@ -217,7 +217,7 @@ func Init(prepare func(prefix string), setVerbose func(verbose bool)) {
 	}
 	/*
-		load seccomp filter
+		caps/securebits and seccomp filter
 	*/
 	if _, _, errno := syscall.Syscall(PR_SET_NO_NEW_PRIVS, 1, 0, 0); errno != 0 {
@@ -228,9 +228,16 @@ func Init(prepare func(prefix string), setVerbose func(verbose bool)) {
 	}
 	for i := uintptr(0); i <= LastCap(); i++ {
 		if _, _, errno := syscall.Syscall(syscall.SYS_PRCTL, syscall.PR_CAPBSET_DROP, i, 0); errno != 0 {
-			log.Fatalf("cannot drop capability: %v", errno)
+			log.Fatalf("cannot drop capability from bonding set: %v", errno)
 		}
 	}
+	if err := capset(
+		&capHeader{_LINUX_CAPABILITY_VERSION_3, 0},
+		&[2]capData{{0, 0, 0}, {0, 0, 0}},
+	); err != nil {
+		log.Fatalf("cannot capset: %v", err)
+	}
+
 	if err := seccomp.Load(params.Flags.seccomp(params.Seccomp)); err != nil {
 		log.Fatalf("cannot load syscall filter: %v", err)
 	}
diff --git a/test/test.py b/test/test.py
index 9288bb8..f013718 100644
--- a/test/test.py
+++ b/test/test.py
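Review bot: The new fatal message in the PR_CAPBSET_DROP loop reads `"cannot drop capability from bonding set: %v"`; the set being emptied is the bounding set, so it should be `log.Fatalf("cannot drop capability from bounding set: %v", errno)`. The `capset` call that follows zeroes the effective and permitted sets as well as the inheritable one, and, as I understand the ambient-set invariant (ambient must be a subset of permitted and inheritable), the ambient set falls with them, which goes beyond what the subject "clear inheritable set" describes; a comment such as `// clear all capability sets (effective, permitted, inheritable; ambient is dropped with them)` would keep that visible to the next reader. Note too that `capset` and `prctl` issued through `syscall.Syscall` take effect on the calling thread only; if Init ends by exec'ing from this thread that is sufficient, but if other runtime threads can outlive this point they keep their capabilities, so either issue these through `syscall.AllThreadsSyscall` or document that the thread is locked. Init begins before and continues after this hunk.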
@@ -100,9 +100,11 @@ print(denyOutputVerbose)
 print(machine.fail("sudo -u alice -i fsu"))
 # Verify capabilities/securebits in user namespace:
+print(machine.succeed("sudo -u alice -i fortify run capsh --print"))
 print(machine.succeed("sudo -u alice -i fortify run capsh --has-no-new-privs"))
 print(machine.fail("sudo -u alice -i fortify run capsh --has-a=CAP_SYS_ADMIN"))
 print(machine.fail("sudo -u alice -i fortify run capsh --has-b=CAP_SYS_ADMIN"))
+print(machine.fail("sudo -u alice -i fortify run capsh --has-i=CAP_SYS_ADMIN"))
 print(machine.fail("sudo -u alice -i fortify run capsh --has-p=CAP_SYS_ADMIN"))
 print(machine.fail("sudo -u alice -i fortify run umount -R /dev"))
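Review bot: The added `machine.fail(... --has-i=CAP_SYS_ADMIN)` line is satisfied by any non-zero exit, so a capsh build that rejects the `--has-i` flag, or a `fortify run` failure unrelated to capabilities, passes it just as a cleared inheritable set does. Since the `--print` output is already collected on the line added above, capture it and assert the inheritable set is empty from that text, for example `caps = machine.succeed("sudo -u alice -i fortify run capsh --print")` followed by an assertion on its `Current:` line (the exact format depends on the libcap version, so pin it against what the test VM prints). The existing `--has-a`/`--has-b`/`--has-p` checks share the same weakness; this commit only adds the inheritable one, but the same positive assertion would cover all four sets.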