On Wednesday 19 December 2007 08:19:33 Kevin Kofler wrote: > I have noticed that mock in Rawhide has been changed to drop the SUID > helper, instead consolehelper is used to run the entire mock as root. IMHO, > this is a regression: > * It now means you have to know the root password to run mock. Before, it > was possible to give out mock access and only that simply by making the > user a member of the mockbuild group. Now the only way to do that is to > allow running all of mock as root, which probably opens up several ways to > get full root access from there. Older versions of mock already allow every user that is allowed to run it, i.e. is in the mockbuild group, to get root access: $ mock shell init mock-chroot> chmod u+s /bin/bash mock-chroot> exit exit ending done $ /var/lib/mock/fedora-7-i386/root/bin/bash -p Regards, Till
Description: This is a digitally signed message part.