RFC: new mock: strategy, selinux, etc.
Axel Thimm
Axel.Thimm at ATrpms.net
Thu Jan 4 18:32:11 UTC 2007
On Thu, Jan 04, 2007 at 10:37:03AM -0600, Clark Williams wrote:
> New mock will no longer use mock-helper. When it needs to do something
> that requires root privileges, it will elevate it's privilege level to
> root (using os.setreuid()), execute the command and then drop privileges
> back to the normal user.
But isn't this a security regression towards the previous model?
Previously all elevation procedures were confined and well
controlled.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-buildsys-list/attachments/20070104/11b1a63a/attachment.sig>
More information about the Fedora-buildsys-list
mailing list