[Bug 669772] Set up ostree.gnome.org

From: "sysadmin" (bugzilla.gnome.org) <bugzilla gnome org>
To: gnome-infrastructure gnome org
Subject: [Bug 669772] Set up ostree.gnome.org
Date: Mon, 20 Feb 2012 14:56:22 +0000 (UTC)

https://bugzilla.gnome.org/show_bug.cgi?id=669772
  sysadmin | Other | unspecified

--- Comment #8 from Colin Walters <walters verbum org> 2012-02-20 14:56:06 UTC ---
Ok, there's one final step that needs root privileges on the guest, and that's
to install as setuid root:

http://git.gnome.org/browse/linux-user-chroot/

I'm fairly confident that this tool couldn't be used to compromise integrity or
confidentiality on the machine.  It's been through some review on LKML by
security people, and e.g. Serge E. Hallyn roughly approved: 
https://lkml.org/lkml/2011/12/12/547

However it almost certainly would be easy enough to use the tool to create tens
of thousands of mount table entries for a DoS.  But on the other hand, I'm not
sure there has ever been a point where one could install a "default"
Fedora/RHEL/Debian that hasn't had easy to use DoS vectors.

-- 
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the QA contact of the bug.
You are watching the assignee of the bug.

References:
- [Bug 669772] New: Set up ostree.gnome.org
  - From: sysadmin

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]