Re: [PATCH] runcon: add --no-new-privs option
From: Assaf Gordon
Subject: Re: [PATCH] runcon: add --no-new-privs option
Date: Wed, 26 Apr 2017 15:59:13 +0000
User-agent: Mutt/1.5.23 (2014-03-12)
Hello,
On Wed, Apr 26, 2017 at 03:57:12PM +0200, Sebastian Kisela wrote:
* src/runcon.c: add --no-new-privs option to allow user to test
if given context grants more privileges to given command.
[...]
+ runcon --no-new-privs now added for testing purposes. If the option is used
+ runcon will not run a process in a context which has additional privileges.
+ [uses no_new_privs bit added in Linux 3.5]
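Review bot: the NEWS entry, in the sentence starting "runcon --no-new-privs now added for testing purposes", states the intent but not the observable behaviour. Say what the user gets when the requested context would grant additional privileges (the diagnostic and the exit status), and drop "now added", which is redundant in a NEWS file.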
If this feature is primarily for testing purposes,
wouldn't using setpriv from util-linux achieve the same
without adding code?
setpriv --no-new-privs \
runcon -t svirt_lxc_net_t /bin/sh
That is, add a new test (which skips if 'setpriv' is not available),
but no need to add new code to runcon ?
(I don't have an objection to adding it, I'm just wondering).
+ die (EXIT_FAILURE, 0,
+ _("--no-new-privs cannot be used in the cureutils version,\
+ that is currently installed."));
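Review bot: the translatable string in the die() call is split with a backslash-newline inside the literal, so any indentation on the continuation line becomes part of the message shown to the user and handed to translators. Keep the message in a single literal (or adjacent literals inside one _() call), fix the spelling "cureutils", and drop the comma before "that".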
s/curetils/coreutils/
+++ b/tests/runcon/no-new-privs.sh
[...]
+# Run process with inappropriate context
+runcon --no-new-privs -t svirt_lxc_net_t /bin/sh &> out
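Review bot: the `&> out` redirection on the runcon line in tests/runcon/no-new-privs.sh is a bash extension; a POSIX shell parses it as `runcon ... &` followed by `> out`, which backgrounds the command and leaves out empty. Use `> out 2>&1`, and check the exit status on the same line so the test fails if runcon unexpectedly succeeds. The line also hard-codes the type svirt_lxc_net_t, so the test should skip when the loaded policy does not define it.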
I'm not that familiar with SELinux, but would this test
work on all systems with SELinux enabled, or only on systems
where 'svirt_lxc_net_t' is pre-defined ?
regards,
- assaf
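
Added example, not part of the original message or of the coreutils or util-linux sources: a small C probe of the no_new_privs bit that both `setpriv --no-new-privs` and the proposed runcon option rely on. It shows that the bit can be set without privilege, cannot be cleared again, and is inherited by child processes, which is why wrapping runcon in setpriv has the same effect. The helper names `nnp_probe` and `wait_status` are hypothetical.

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef PR_SET_NO_NEW_PRIVS   /* older headers; values from linux/prctl.h */
# define PR_SET_NO_NEW_PRIVS 38
# define PR_GET_NO_NEW_PRIVS 39
#endif

enum { NNP_SET = 1, NNP_STICKY = 2, NNP_INHERITED = 4 };

/* Exit status of a forked child, or -1 if fork/wait failed. */
static int wait_status(pid_t pid)
{
    int st;
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st))
        return -1;
    return WEXITSTATUS(st);
}

/* Hypothetical helper: probe the bit in a forked child so the caller's own
   state is left unchanged. Returns a mask of NNP_* flags, or -1 on error. */
int nnp_probe(void)
{
    pid_t pid = fork();
    if (pid == 0) {
        int mask = 0;
        /* The call setpriv --no-new-privs makes before exec'ing its command. */
        if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0
            && prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1)
            mask |= NNP_SET;
        /* The kernel rejects any attempt to clear the bit (EINVAL). */
        if (prctl(PR_SET_NO_NEW_PRIVS, 0, 0, 0, 0) == -1
            && prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1)
            mask |= NNP_STICKY;
        /* A forked child starts with the bit already set. */
        pid_t kid = fork();
        if (kid == 0)
            _exit(prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1);
        if (wait_status(kid) == 1)
            mask |= NNP_INHERITED;
        _exit(mask);
    }
    return wait_status(pid);
}

int main(void)
{
    printf("no_new_privs probe mask: %d\n", nnp_probe());
    return 0;
}
```

On Linux 3.5 or later the probe returns 7 (all three flags); the bit is also preserved across execve, so a runcon started under setpriv passes it on to the command it executes.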