Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Of course, applications could elect to use nnp anyway, but why force it?
Cook: seccomp filter now in Ubuntu
Posted Mar 26, 2012 23:56 UTC (Mon) by luto (subscriber, #39314)
I suspect that the average system has any number of setuid binaries installed that allow you to run arbitrary code as yourself, since that wouldn't normally be considered a security problem. As a trivial example:
$ sudo -u luto -s
does not prompt for a password.
Posted Mar 27, 2012 0:14 UTC (Tue) by slashdot (guest, #22014)
But maybe it's good to require it, to prevent people accidentally introducing security holes because they don't know they either need to use nnp, restrict execve or use a filesystem namespace.
Posted Mar 27, 2012 0:18 UTC (Tue) by luto (subscriber, #39314)
 https://git.kernel.org/?p=linux/kernel/git/luto/linux.git;... [but I doubt that patch will be accepted in its current form]
Posted Mar 27, 2012 0:33 UTC (Tue) by slashdot (guest, #22014)
Privileged users, in theory, could instead want to setup a FS namespace with some setuid programs of their choice.
However, this is probably useless in practice, so indeed it may be better to avoid the risk of an accidental security hole and force nnp on.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds