Windows does not Run As the correct user #606
Comments
|
Having the lifecycle correctly drop privileges on Windows is definitely something we want to add in the future. @micahyoung would be able to speak more in-depth about it, as there are some tricky details. I'm curious to know more about the failure cases - it sounds like the user is a non-admin user (ContainerUser?) trying to do things that are not permitted for non-admins? Could you elaborate more on what that looks like? |
|
We ran into this when a buildpack was running successfully via pack via |
|
For us, it was mostly annoying because we didn't realize our buildpack was running as a ContainerAdministrator but, a malicious buildpack could gain access to the user's docker socket. |
|
Yeah +1 to needing this. It's blocked and will be implemented along with #343 and the corresponding buildpacks/pack#1079 in pack. It's the next big item in my queue. It's probably worth mentioning that for Platforms to take advantage, there will be and bit more complexity as impersonating users on Windows is not as straight-forward as Linux. On Windows, the target user of the impersonation must be already "logged-in" to the environment - have a running process owned by the lower-privileged user, from which lifecycle will copy and apply privileges. So that would mean any lifecycle functions needing to run as I'll add more detail and likely start a sub-team specific RFC but just wanted to start setting expectations and getting other thoughts. |
natalieparellano
added
help wanted
Summary
The windows
RunAsis a noop which prevents the lifecycle steps from running as the wrong user. This causes some builds to fail if run as the correct user but, other builds to succeed because they are inadvertently run as ContainerAdministrator.The text was updated successfully, but these errors were encountered: