Fwd: VirtualBox/setuid binaries

Ryan Gonzalez rymg19 at gmail.com
Thu Nov 15 21:14:43 UTC 2018


IIRC portable services also work on plain directories. Could it maybe run
on an OSTree checkout of the runtime and the app?

Though there's still the part about the portable service sandbox being
pretty different from bwrap... I think I also wanted to try adding a static
bwrap and modifying the services to redirect through that binary, though I
never really got anywhere with that.

--
Ryan (ライアン)
Yoko Shimomura, ryo (supercell/EGOIST), Hiroyuki Sawano >> everyone else
https://refi64.com/

On Thu, Nov 15, 2018, 2:37 PM Christian Hergert <christian at hergert.me> wrote:

> On 11/15/18 4:50 AM, Alexander Larsson wrote:
> > Flatpak is fundamentally based on the kernel support for unprivileged
> > user namespaces. This is the way we can launch a "container" sandbox
> > without ever needing to be root. (We alternatively also support doing
> > the same thing via a setuid bwrap helper, but that is immaterial for
> > this discussion, so let's ignore that for now). We use the
> > PR_SET_NO_NEW_PRIVS prctl to guarantee this, and unless we do that,
> > the namespace operations will fail.
>
> Slightly off-topic, but on-topic enough to probably drive some direction
> of future features:
>
> I'd like to be able to ship Sysprof as a Flatpak (as well as not
> requiring Sysprof on the host from the Builder flatpak).
>
> Sysprof requires a systemd service which performs things like
> __NR_perf_event_open syscall and parsing /proc/kallsyms so that the UI
> process does not require elevated privileges. (All done via D-Bus fd
> passing and polkit authorization).
>
> I talked with Lennart at GUADEC about systemd portable services, and it
> sounded like that may be one avenue to explore. If we could have a way
> to register a systemd portable service from our Flatpak (even better if
> using the transient portable service feature for auto-cleanup?) then
> that could be one way to get elevated system access under an authorized
> scenario.
>
> What was rather tricky about it was that it requires passing a squashfs
> or tarball (or something of that nature) for the portable service.
>
> -- Christian
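The two steps Alexander describes above, the PR_SET_NO_NEW_PRIVS prctl followed by an unprivileged user namespace, as an added C example that is not code from this thread or from Flatpak/bubblewrap. It assumes Linux with /proc mounted; where unprivileged user namespaces are disabled the namespace step returns -EPERM, and the no_new_privs guarantee (setuid binaries can no longer elevate anything launched afterwards) holds either way.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <unistd.h>

/* Mark the process so execve() can never grant it new privileges: setuid/setgid
 * bits and file capabilities are ignored from now on, and the flag is inherited
 * by every child, so nothing launched inside the sandbox can escalate. */
int enable_no_new_privs(void) {
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
}
/* Returns 1 if the flag is set, 0 if not, -1 on error. */
int no_new_privs_is_set(void) {
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}
static int write_file(const char *path, const char *buf) {
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -errno;
    int err = write(fd, buf, strlen(buf)) < 0 ? -errno : 0;
    close(fd);
    return err;
}
/* Create a user namespace with no privilege at all and map the caller's
 * uid/gid to 0 inside it. Returns 0 or -errno (e.g. -EPERM when the kernel or
 * a sysctl forbids unprivileged user namespaces). */
int enter_unprivileged_userns(void) {
    unsigned uid = getuid(), gid = getgid();
    char map[64];
    int err;
    if (unshare(CLONE_NEWUSER) < 0) return -errno;
    /* An unprivileged process must deny setgroups before it may write gid_map. */
    if ((err = write_file("/proc/self/setgroups", "deny"))) return err;
    snprintf(map, sizeof map, "0 %u 1\n", uid);
    if ((err = write_file("/proc/self/uid_map", map))) return err;
    snprintf(map, sizeof map, "0 %u 1\n", gid);
    return write_file("/proc/self/gid_map", map);
}
int main(void) {
    if (enable_no_new_privs() < 0) { perror("PR_SET_NO_NEW_PRIVS"); return 1; }
    int rc = enter_unprivileged_userns();
    printf("no_new_privs=%d userns=%s euid_inside=%u\n", no_new_privs_is_set(),
           rc ? strerror(-rc) : "ok", (unsigned)geteuid());
    return 0;
}
```

Run it as an ordinary user: euid_inside prints 0 only in the new namespace, while the process holds no capabilities in the parent namespace and the no_new_privs flag stays set across the unshare.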