Discussion summary: Mock security
Mike McLean
mike at redhat.com
Wed Jun 7 23:52:06 UTC 2006
Michael_E_Brown at Dell.com wrote:
> -- Should we allow untrusted users access to the 'mock' group?
This has been a concern of mine as well. However, I think the solution
is not to harden mockhelper, but to change the role of mockhelper.
At the moment, mock runs as a mortal user and uses mockhelper to execute
a limited number of shell commands as root. What I'd like to do is have
mock-helper (possibly renamed) run mock.py (and only mock.py) as root,
letting mock.py take actions directly without having to filter back
through mockhelper.
Consider that mock.py is in a much better position to make decisions
about whether operations are sane or not. Giving users access to run
mock.py as root could be much safer than giving them access to run a
number of more general purpose tools.
More information about the Fedora-buildsys-list
mailing list