Re: s6-linux-init permissions

From: Laurent Bercot <ska-skaware_at_skarnet.org>
Date: Mon, 7 Mar 2016 17:05:45 +0100

On 07/03/2016 16:06, Luis Ressel wrote:
> I'm aware of this. What's so bad about people being able to run
> s6-linux-init-maker without root permissions?

  What is so bad is that the produced output is not suitable for booting:
files will be owned by a non-root user, who then has the necessary permissions
to meddle with the boot process.

  If I make s6-linux-init-maker available to non-root users, people will run it as a non-root user, then attempt to use the produced scripts for booting, and it
will either fail, or succeed while opening a giant security hole. The use case
you are suggesting is valid, but does not balance the risk.

  If you do not have root privileges and still want to run s6-linux-init-maker,
download and compile the package yourself - the binary will still have 0755
rights, but you will own it.

-- 
  Laurent
Received on Mon Mar 07 2016 - 16:05:45 UTC

This archive was generated by hypermail 2.3.0 : Sun May 09 2021 - 19:38:49 UTC