Ticket #88 (closed enhancement: wontfix)
Lock down chroots on debuild.mit.edu
Reported by: | tabbott | Owned by: | |
---|---|---|---|
Priority: | trivial | Milestone: | |
Component: | -- | Keywords: | |
Cc: | Fixed in version: | ||
Upstream bug: |
Description (last modified by broder) (diff)
We should find a mechanism to lock down chroots on debuild.mit.edu.
Users need to become root within the build chroots to install packages. Normally, chrooting isn't considered a security mechanism, and so by design it's possible for root to escape from a chroot, meaning that any user who has root within the build chroot can potentially acquire root outside of the chroot.
This is a blocker for any sort of setup where debuild.mit.edu is open to the community.
Change History
Note: See
TracTickets for help on using
tickets.
We've disabled local logins for all Athena accounts, so this is no longer a security concern.
Also, grsec is dying, so we need another way to lock down chroots.