[merged] random fixes #117
Conversation
| @@ -518,7 +518,7 @@ switch_to_user_with_privs (void) | |||
| if (prctl (PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) | |||
| die_with_error ("prctl(PR_SET_KEEPCAPS) failed"); | |||
|
|
|||
| if (setuid (real_uid) < 0) | |||
| if (setuid (opt_sandbox_uid) < 0) | |||
There was a problem hiding this comment.
Hm, we're not currently validating that opt_sandbox_uid being set requires --unshare-user AFAICS. Which I think means this could be used to gain uid 0 in the host userns, right?
There was a problem hiding this comment.
if --uid was not specified (which is allowed only with --unshare-user), then opt_sandbox_uid is set to real_uid in main.
There was a problem hiding this comment.
We do:
if (!opt_unshare_user && opt_sandbox_uid != real_uid)
die ("Specifying --uid requires --unshare-user");
Which looks ok to me.
| die ("Unable to set fsuid (was %d)", (int)new_fsid); | ||
|
|
||
| if (setfsgid (real_gid) < 0) | ||
| die_with_error ("Unable to set fsgid"); |
There was a problem hiding this comment.
I don't understand this. The binary is not setgid, only setuid, so it should have the right gid always. What exactly happens that make this a problem?
There was a problem hiding this comment.
I am going to drop this patch as we discussed on IRC.
For the record, it was an error on my side as I was using "chmod +s" instead of "chmod u+s" for testing locally the bwrap executable
since we set uid after we are in the new namespace, use the uid in the new user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
🙀 |
|
🙀 |
|
🙀 |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #117 Approved by: alexlarsson
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #117 Approved by: alexlarsson
|
☀️ Test successful - status-redhatci |
No description provided.