On 30/12/11 15:17, Marcus Meissner wrote:
On Fri, Dec 30, 2011 at 03:05:57PM -0300, Cristian Rodríguez wrote:
On 30/12/11 15:04, Marcus Meissner wrote:
On Fri, Dec 30, 2011 at 03:01:37PM -0300, Cristian Rodríguez wrote:
On 21/12/11 07:34, Joop Boonen wrote:
Hi all,
Currently we have the following problem. Due to security issues we only have native ARM workers for the internal openSUSE buildservice. For the external build service we only use qemu.
Huh ? LXC or simple the systemd-nspawn util does not provide enough security for building packages ?
No.
really ? why ? or we are once again trading usability for paranoia ?
We currently consider it not being able to confine root processes.
If you can think a method where you can do the full build process as non-root it might be usable.
https://bugzilla.novell.com/show_bug.cgi?id=708989 is our audit tracker bug, but we really have not looked that deep.
Ok, the above mentioned report, there is this sentence "cannot really jail a root process as all containers share the same host kernel and f.e. LKM's can easily bypass it." what does he mean with "LKM's can easily bypass it" ?.. when using systemd-nspawn the following is the expected behaviour: "Network interfaces and the system clock may not be changed from within the container. Device nodes may not be created. The host system cannot be rebooted and **kernel modules may not be loaded from within the container**" -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org