Hi, Quoting Joachim Breitner (2015-12-24 09:45:01) > Am Donnerstag, den 24.12.2015, 09:41 +0100 schrieb Johannes Schauer: > > which will probably not happen because schroot is supposed to be run as a > > user > > but the decision about which mounts are allowed should be left to the > > superuser. This is currently enforced by only root having the privileges to > > edit /etc/schroot/chroot.d/*. If a normal user could bind mount whatever > > they > > want on demand that would be a security issue. > > bummer, but true. Linux’s all-or-nothing approach to mount security is > generally a problem, but not one we will solve here...
you might be interested in this: http://lists.alioth.debian.org/pipermail/buildd-tools-devel/2015-December/010172.html which is about using Linux namespaces instead of root to do package builds. cheers, josch
signature.asc
Description: signature