public inbox for systemtap@sourceware.org
* [Bug runtime/10984] New: restrict unprivileged mode operation to "stapusr" or similar
@ 2009-11-19  5:10 fche at redhat dot com
  2009-11-20 16:58 ` [Bug runtime/10984] " brolley at redhat dot com
  0 siblings, 1 reply; 2+ messages in thread
From: fche at redhat dot com @ 2009-11-19  5:10 UTC (permalink / raw)
  To: systemtap

Considering the potential size of the worm can, for an early
non-experimental deployment of unprivileged mode, let's allow
sysadmins to restrict staprun to run even signed code only for
some users.

If we don't wish to build an elaborate ACL setup (or even a
simple one like /etc/ftpusers), how about restricting
signed mode to only "stapusr" people?  That way, two separate
actions are required by a local sysadmin: the approval of the
compilation environment, and approval of individual users.

Reuse of "staprun" as the groupid is probably plausible since
it's already a "lower privilege" sort of systemtap user, which
can only run precompiled stuff specifically installed under
/lib/modules/`uname -r`/systemtap.  The proposal here is to
also permit such people to run --unprivileged scripts / signed
modules.

(Another option is to create a third user group, like "stapunpriv",
but I can't think of a good case for it as distinct from stapusr.)

-- 
           Summary: restrict unprivileged mode operation to "stapusr" or
                    similar
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: runtime
        AssignedTo: systemtap at sources dot redhat dot com
        ReportedBy: fche at redhat dot com
OtherBugsDependingOnThis: 10907


http://sourceware.org/bugzilla/show_bug.cgi?id=10984

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
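
The two-approval rule proposed in the message above, written out as an added example (not code from the systemtap project). The function names and the sig_trusted flag standing in for signature verification are assumptions; only the "stapusr" group and the /lib/modules/`uname -r`/systemtap directory come from the report, and no other group is modelled.

```c
#include <grp.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/utsname.h>
#include <unistd.h>

/* True if gid is in the supplied group list. */
static bool in_group(gid_t gid, const gid_t *groups, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (groups[i] == gid) return true;
    return false;
}

/* True if path (assumed already canonicalised with realpath()) names a
 * file below /lib/modules/<release>/systemtap/. */
static bool in_module_dir(const char *path, const char *release) {
    char prefix[256];
    int len = snprintf(prefix, sizeof prefix, "/lib/modules/%s/systemtap/", release);
    if (len < 0 || (size_t)len >= sizeof prefix) return false;
    return strncmp(path, prefix, (size_t)len) == 0 && path[len] != '\0';
}

/* Group membership is required in every case; a trusted signature only
 * widens what a stapusr member may load (sig_trusted is an assumed input). */
bool may_load(const gid_t *groups, size_t n, gid_t stapusr_gid,
              const char *path, const char *release, bool sig_trusted) {
    if (!in_group(stapusr_gid, groups, n)) return false;  /* user not approved */
    return sig_trusted || in_module_dir(path, release);   /* code approved? */
}

/* Collect the inputs for the invoking user; every lookup failure denies. */
bool caller_may_load(const char *path, bool sig_trusted) {
    gid_t groups[257];
    struct utsname u;
    struct group *gr = getgrnam("stapusr");
    int n = getgroups(256, groups);
    if (!gr || n < 0 || uname(&u) != 0) return false;
    groups[n++] = getgid();  /* real gid; may be absent from getgroups() */
    return may_load(groups, (size_t)n, gr->gr_gid, path, u.release, sig_trusted);
}

int main(int argc, char **argv) {
    bool ok = caller_may_load(argc > 1 ? argv[1] : "", false);
    puts(ok ? "allow" : "deny");
    return ok ? 0 : 1;
}
```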

* [Bug runtime/10984] restrict unprivileged mode operation to "stapusr" or similar
  2009-11-19  5:10 [Bug runtime/10984] New: restrict unprivileged mode operation to "stapusr" or similar fche at redhat dot com
@ 2009-11-20 16:58 ` brolley at redhat dot com
  0 siblings, 0 replies; 2+ messages in thread
From: brolley at redhat dot com @ 2009-11-20 16:58 UTC (permalink / raw)
  To: systemtap



-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|systemtap at sources dot    |brolley at redhat dot com
                   |redhat dot com              |
             Status|NEW                         |ASSIGNED


http://sourceware.org/bugzilla/show_bug.cgi?id=10984
