[ostree] ostbuild: Clarify "safely" for user-chroot

From: Colin Walters <walters src gnome org>
To: commits-list gnome org
Cc:
Subject: [ostree] ostbuild: Clarify "safely" for user-chroot
Date: Tue, 6 Dec 2011 19:40:19 +0000 (UTC)

commit a4b249e333d9c72dff6129a57764571322b6f8c4
Author: Colin Walters <walters verbum org>
Date:   Tue Dec 6 14:39:30 2011 -0500

    ostbuild: Clarify "safely" for user-chroot

 src/ostbuild/ostbuild-user-chroot.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)
---
diff --git a/src/ostbuild/ostbuild-user-chroot.c b/src/ostbuild/ostbuild-user-chroot.c
index c75654a..6781b38 100644
--- a/src/ostbuild/ostbuild-user-chroot.c
+++ b/src/ostbuild/ostbuild-user-chroot.c
@@ -2,6 +2,11 @@
  *
  * user-chroot: A setuid program that allows non-root users to safely chroot(2)
  *
+ * "safely": I believe that this program, when deployed as setuid on a
+ * typical "distribution" such as RHEL or Debian, does not, even when
+ * used in combination with typical software installed on that
+ * distribution, allow privilege escalation.
+ *
  * Copyright 2011 Colin Walters <walters verbum org>
  *
  * This program is free software; you can redistribute it and/or modify

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]