authpolicy: minijail process calls |
||||||
Issue descriptionWrap net, smbclient and kinit in minijail. - Restrict file access, keep everything on tmpfs - Reduce privileges to minimum to prevent messing with authpolicyd's state
,
Nov 18 2016
,
Nov 21 2016
,
Dec 19 2016
Can this be closed? It seems that the actual work happened on different bugs?
,
Dec 19 2016
Not quite, CL:420664 and CL:420683 are still outstanding. Also, restrictive file access is only implemented as changing user to authpolicyd-exec, not by chrooting things.
,
Dec 23 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/07b00007bd7ee64b984100e8b71e3b8a213d5cf7 commit 07b00007bd7ee64b984100e8b71e3b8a213d5cf7 Author: Lutz Justen <ljusten@chromium.org> Date: Fri Dec 02 16:22:59 2016 authpolicy: Install authpolicyd-exec user and seccomp filters Authpolicyd executes untrusted binaries as authpolicyd-exec user and uses seccomp filters as a means of sandboxing. BUG= chromium:666692 TEST=Compiles, tested with custom test code. CQ-DEPEND=CL:420664 Change-Id: Ib49041edf0a2cb442cb3df9e829adaef7e746d6e Reviewed-on: https://chromium-review.googlesource.com/420683 Commit-Ready: Lutz Justen <ljusten@chromium.org> Tested-by: Lutz Justen <ljusten@chromium.org> Reviewed-by: Roman Sorokin <rsorokin@chromium.org> [modify] https://crrev.com/07b00007bd7ee64b984100e8b71e3b8a213d5cf7/chromeos-base/authpolicy/authpolicy-9999.ebuild
,
Jan 2 2017
I think we can close this one now. Seccomp filtering and chrooting have been implemented. There are a few outstanding security concerns, e.g. running authpolicyd with caps. Those will be addressed in separate bugs.
,
Jan 9 2017
,
Jul 6 2017
bulk Verify of Chromad V1 bugs |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by ljusten@chromium.org
, Nov 18 2016