executor: revive setuid sandbox

The new namespace-based sanboxing is good,
but it's not always what one wants
(and also requires special kernel configs).

Change dropprivs config value to sandbox,
which can have different values (currently: none, setuid, namespace).
Setuid mode uses setuid(nobody) before fuzzing as before.

In future we can add more sandboxing modes or, say,
extend -sandbox=setuid to -sandbox=setuid:johndoe
to impersonolate into given user.

2 files changed, 8 insertions, 2 deletions

diff --git a/tools/syz-execprog/execprog.go b/tools/syz-execprog/execprog.go
index fdba0f258..5b7610754 100644
--- a/tools/syz-execprog/execprog.go
+++ b/tools/syz-execprog/execprog.go
@@ -55,7 +55,10 @@ func main() {
 		return
 	}
 
-	flags, timeout := ipc.DefaultFlags()
+	flags, timeout, err := ipc.DefaultFlags()
+	if err != nil {
+		log.Fatalf("%v", err)
+	}
 	if *flagCoverFile != "" {
 		flags |= ipc.FlagCover
 		flags &= ^ipc.FlagDedupCover
diff --git a/tools/syz-stress/stress.go b/tools/syz-stress/stress.go
index de5f8ddf8..bb2352f76 100644
--- a/tools/syz-stress/stress.go
+++ b/tools/syz-stress/stress.go
@@ -47,7 +47,10 @@ func main() {
 	prios := prog.CalculatePriorities(corpus)
 	ct := prog.BuildChoiceTable(prios, calls)
 
-	flags, timeout := ipc.DefaultFlags()
+	flags, timeout, err := ipc.DefaultFlags()
+	if err != nil {
+		failf("%v", err)
+	}
 	gate = ipc.NewGate(2**flagProcs, nil)
 	for pid := 0; pid < *flagProcs; pid++ {
 		pid := pid