Re: [atomic-devel] Introducing bubblewrap

[Daniel J Walsh <dwalsh redhat com>]

There is probably a good case to be made that setuid is more security then a random service that can setup

processes into different cgroups/namespaces, security zones.

setuid allows you to maintain the fork() exec() model, and keep things simple. 

On 05/06/2016 01:49 PM, Muayyad AlSadi wrote:

why setuid? why not just do the non-privileged part, then fire a dbus event to some root service to do the privileged part of adding network config. (and uses policy kit to validate the request).

or a root daemon that do the privileged part of network configuration.

so in summary
an unprivileged user tool that do every possible thing (except network configuration)

it then fires a dbus event or a request to privileged daemon "please configure network on this please"

On Fri, May 6, 2016 at 11:59 AM, Karanbir Singh <mail-lists karan org> wrote:

On 06/05/16 00:52, Daniel J Walsh wrote:
>
>
> On 05/05/2016 02:10 PM, Josh Berkus wrote:
>>> Currently it is not part of a product and has not has a rigorous
>>> review from a security team.  However, I believe our approach
>>> is good, and if anyone wants a peer-reviewed setuid binary
>>> for container features, it's worth considering bubblewrap!
>> So I want to have a "Pop the Bubblewrap" contest which we discussed
>> somewhere else.  That is, let's put out a contest for users to try to
>> break through bubblewrap and report the technical issues.  We'll have
>> some prizes.
>>
>> I'm happy to run the contest, and RH PR would help publicize it, but I'd
>> need someone to manage it from the technical side.
>>
> I like the idea.  We have a security review going on right now with the
> Security Response team.  Perhaps we should see where they are with the
> review before we put out the challenge.
>
>

happy to help promote this from the CentOS side of things as well

regards,

--
Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc