On Friday 14 November 2008 23:34:27 Jon Elson wrote:
> Michael Buesch wrote:
> > I don't think there is a solution for this, however.
> > If you want to run a component of the repository (be it the makefile or
> > the setuid programs themselves) as root, you need to trust your committer.
> >
> You can set sudo to allow only specific programs from specific
> directories to be executed.
> That includes even specific system commands, like cp, mv, mkdir, etc.

Yeah, well. But we _want_ the setuid applications from the emc2 repository
to run as root. And a committer has full control over the sources... ;)
No matter if you use sudo or some other mechanism. We use sudo in the first
place to get the setuid root bit set on those applications the attacker has
full source code control over.

So the question really only is:
1) Do we need these root hacks to do proper tests?
2) If yes, can we set up a sandbox for the test?

An acceptable sandbox would probably only be to reset the complete harddisk
image to a known state, make an emc2 checkout/compile/testrun and discard
the harddisk contents.

--
Greetings Michael.