guix-devel
Re: Potential security weakness in Guix services


From: Maxime Devos
Subject: Re: Potential security weakness in Guix services
Date: Fri, 29 Jan 2021 14:33:33 +0100
User-agent: Evolution 3.34.2

Hi Guix,

On Thu, 2021-01-28 at 16:53 -0500, Leo Famulari wrote:
> On January 19 2021, we received a message from Maxime Devos describing a
> potential attack vector on Guix System.
> 
> If an attacker can exploit a remote code execution vulnerability (RCE)
> in a program used by a Guix service, they could use it to take over the
> system in some cases. We have not deployed any mitigations for this.
> 
> Below is a summary of their messages, including a mitigation proposal.
> Your feedback is requested!

I'm writing a patch right now.  It's a little more elaborate than my
mkdir-p/own proposal.  In the patch, directories with owner, group
and permission bits are created via extensions to a ‘fs-entry-service-type’,
which will perform various basic consistency checks at build time
(e.g., no directory can be owned by multiple users).

I'll post a draft when it's ready.

Maxime

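Added example, not from the original message and not Guix's own code: a hypothetical build-time consistency check over the directory entries that service extensions would contribute to a service type like the ‘fs-entry-service-type’ described above. The record type, procedure names and sample entries are assumptions for illustration. It goes slightly beyond the example given in the message: besides rejecting a directory claimed by two different owners, it rejects any directory declared with differing group or permission bits, and it collapses identical declarations from several services into one.

```scheme
;; Added example (not Guix's own code).  Hypothetical build-time
;; consistency check for directory entries contributed by service
;; extensions.  Record type, procedure names and sample entries are
;; assumptions for illustration.
(use-modules (srfi srfi-1)
             (srfi srfi-9)
             (ice-9 format))

(define-record-type <fs-entry>
  (fs-entry directory owner group mode)
  fs-entry?
  (directory fs-entry-directory)   ; absolute path, e.g. "/var/lib/foo"
  (owner     fs-entry-owner)       ; user name
  (group     fs-entry-group)       ; group name
  (mode      fs-entry-mode))       ; permission bits, e.g. #o750

(define (fs-entry-same-spec? a b)
  "True when A and B request the same owner, group and mode."
  (and (string=? (fs-entry-owner a) (fs-entry-owner b))
       (string=? (fs-entry-group a) (fs-entry-group b))
       (= (fs-entry-mode a) (fs-entry-mode b))))

(define (fs-entry-conflicts entries)
  "Return an alist mapping each directory that is declared with more than
one distinct (owner group mode) specification to the list of those
specifications.  An empty result means ENTRIES is consistent."
  (filter-map
   (lambda (directory)
     (let* ((declared (filter (lambda (e)
                                (string=? (fs-entry-directory e) directory))
                              entries))
            (distinct (delete-duplicates declared fs-entry-same-spec?)))
       (and (> (length distinct) 1)
            (cons directory distinct))))
   (delete-duplicates (map fs-entry-directory entries))))

(define (check-fs-entries entries)
  "Check ENTRIES at build time.  Return one entry per directory when the
declarations are consistent; otherwise raise an error naming every
conflicting directory and the (owner group mode) triples that claimed it."
  (let ((conflicts (fs-entry-conflicts entries)))
    (unless (null? conflicts)
      (error "conflicting file system entries"
             (map (lambda (conflict)
                    (cons (car conflict)
                          (map (lambda (e)
                                 (list (fs-entry-owner e)
                                       (fs-entry-group e)
                                       (fs-entry-mode e)))
                               (cdr conflict))))
                  conflicts)))
    ;; Identical declarations from several services collapse into one.
    (delete-duplicates entries
                       (lambda (a b)
                         (string=? (fs-entry-directory a)
                                   (fs-entry-directory b))))))

;; Constructed sample input: two services agree on /var/lib/shared, but
;; /var/lib/foo is claimed by two different users.
(define sample-entries
  (list (fs-entry "/var/lib/foo"    "foo"   "foo"   #o750)
        (fs-entry "/var/lib/shared" "alice" "users" #o2775)
        (fs-entry "/var/lib/shared" "alice" "users" #o2775)
        (fs-entry "/var/lib/foo"    "bar"   "bar"   #o750)))

(define (main)
  ;; Report the conflict instead of silently letting one service win.
  (for-each (lambda (conflict)
              (format #t "~a is claimed by: ~{~a ~}~%"
                      (car conflict)
                      (map fs-entry-owner (cdr conflict))))
            (fs-entry-conflicts sample-entries))
  ;; Dropping the second claimant makes the check pass and yields two
  ;; entries, one per directory.
  (check-fs-entries (remove (lambda (e) (string=? (fs-entry-owner e) "bar"))
                            sample-entries)))

(main)
```

Running the check when the system configuration is built, rather than in the activation script, means a conflicting declaration fails the build instead of being resolved at boot by whichever service's activation code runs last.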

