Bug 1283709
Summary: | Path traversal in `uniqueext` | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Colin Walters <walters> |
Component: | mock | Assignee: | Miroslav Suchý <msuchy> |
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | jdisnard, mebrown, msimacek, msuchy, praiskup, williams |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-12-22 00:18:48 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Colin Walters
2015-11-19 16:12:37 UTC
I am not sure if this should be addressed. If your user is in 'mock' group, then you can root access anyway. And if you provide incorrect path... well we provide gun, and you are shooting. If you want to shoot into your leg... And btw, if you have selinux enabled, it should stop you from overwriting /. (In reply to Miroslav Suchý from comment #1) > I am not sure if this should be addressed. If your user is in 'mock' group, > then you can root access anyway. Right. But given that, I feel the `mock` group is a historical mistake, as there's an implication that it provides security where it doesn't. If a program is effectively equivalent to a root shell, it would have been beetter to require use of `sudo`. (One could find the uid to chown result files via `SUDO_UID` etc.) It would drop a vast amount of complexity from mock. I'm not arguing for making this change now though, it probably isn't worth doing. For reference I am the developer of https://git.gnome.org/browse/linux-user-chroot which I do believe is secure, and that's the specific program that I'm comparing vs mock. |