RFC: new mock: strategy, selinux, etc.
Axel Thimm
Axel.Thimm at ATrpms.net
Fri Jan 12 13:48:37 UTC 2007
On Thu, Jan 11, 2007 at 06:15:17PM -0500, Mike McLean wrote:
> >I understand the mechanism, but what if a security issue elsewhere in
> >mock allows one to inject code and elevate privildeges? Until now any
> >rogue mock takeover would only be able to do what the confined C
> >helper program would allow, now everything is possible.
>
> I'm not sure what type of exploit you're worried about here. As a python
> app, mock should be very resistant to buffer overflow exploits.
Check out for example CVE-2006-1542 and CVE-2006-4980.
> Furthermore I'm not sure what interface the exploit would come through
> .. the command line?
Anything that mock takes as an input from command line to submitted
srpms/spec files. One of the cve's was triggered by specially crafted
UTF-32, next exploit could be with UTF-8 found in specfiles. If you
run with possible root priviledge elevation capabilities all the time
anything mock calls directly or indirectly becomes vulnerable, be it
cpython itself or a python module used by mock.
--
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-buildsys-list/attachments/20070112/b8865db0/attachment.sig>
More information about the Fedora-buildsys-list
mailing list