Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tinker with root inside the namespace #6

Open
queer opened this issue Feb 10, 2023 · 3 comments
Open

Tinker with root inside the namespace #6

queer opened this issue Feb 10, 2023 · 3 comments
Labels
bug Something isn't working enhancement New feature or request

Comments

@queer
Copy link
Owner

queer commented Feb 10, 2023

It's a whole thing and a half, but with a lot of trickery, it might be doable: https://github.com/sevagh/namespace-experiments

@queer queer added bug Something isn't working enhancement New feature or request labels Apr 24, 2023
@asciimoth
Copy link

What about the security issues of running root inside boxxy container(if possible one day)?

If root inside boxxy container could be possible, then an unprivileged user could use this to escalate privileges, for example by substituting /etc with sudoders inside or something.
Can this be fixed by introducing restrictions on which directories can be remounted?
For example, we could allow only dirs owned by user to be remounted, or introduce blocklists of points that are not allowed to be remounted at all.

I'm asking because I'm going to develop a simplified setuid analog that allows root inside the container. And I want to avoid the vulnerabilities that come with it.

@asciimoth
Copy link

@queer
Srry for ping

@queer
Copy link
Owner Author

queer commented Feb 28, 2024

What about the security issues of running root inside boxxy container(if possible one day)?

Yes, this is a possible concern. I don't know yet what a good fix would be as, quite honestly, I haven't yet run into a need for sudo inside of the container.

Can this be fixed by introducing restrictions on which directories can be remounted?
For example, we could allow only dirs owned by user to be remounted, or introduce blocklists of points that are not allowed to be remounted at all.

This is a possible fix, yes. I'm unsure what a good compromise on it would be as ex. there may be a genuine use-case for mounting over specific files in /etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants