tags 792064 + fixed-upstream pending
forwarded 792064 https://github.com/libuv/libuv/pull/441
thanks

On Sun, 12 Jul 2015 20:02:24 +0100 solo-debianb...@goeswhere.com wrote:

> > However, as this seems to be part of repro-build (which I do care about),
> > you can find a patch here that should fix it. Let me know if it works.
>
> Woo, thanks!

FYI, this has been merged upstream (both v0.10 and v1.x):
https://github.com/libuv/libuv/pull/441

> > > If you have CAP_DAC_OVERRIDE (e.g. you're running the build as root),
> >
> > Isn't this an incredibly bad practice?
>
> That builder (one I'm in the middle of writing!) runs stuff as "uid 0"
> inside an unprivileged LXC (i.e. in a new uid/pid/mount/... namespace),
> which is (I believe) supported for security, i.e. it should be safe.
> It's easy enough to flip the builder over to using a normal user
> inside the container, in the future.

Given the sheer number of namespace escape bugs we saw every month, I would
recommend against running as uid=0 inside LXC where not strictly needed.
IMHO it is still far too easy to escape to host, and builds usually do not
require it. Principle of least privilege, as always.

> I was under the impression that there was a policy entry requiring stuff
> to be buildable as root, so I thought I'd let it run as root for now.
> Otoh, I can't actually find said policy entry, nor one for requiring
> packages to build without networking; perhaps the latter covered simply
> by the requirement that there's no dependency on anything outside of
> main.

I don't have policy reference at hand, but I remember that as "never
retrieve stuff from the internet". I think nowhere we mandate "build without
any network interface/route". Personally, I think this one is a sensible
environment to support, though.

Cheers, Luca

--
 .''`.  ** Debian GNU/Linux **  | Luca Bruno (kaeso)
: :'  :   The Universal O.S.    | lucab (AT) debian.org
`. `'`                          | GPG: 0xBB1A3A854F3BBEBF
  `-     http://www.debian.org  | Debian GNU/Linux Developer