From: Gary Thomas <gary@mlbassoc.com>
To: Yocto Project <yocto@yoctoproject.org>
Subject: Change in 'devshell' behaviour
Date: Fri, 19 Apr 2013 08:52:02 -0600
Message-ID: <51715A12.60007@mlbassoc.com>

CAUTION!! giant security hole awaits!

I've just discovered that recent Poky/Yocto runs 'devshell' as ROOT!

If I run 'bitbake SOME-RECIPE -c devshell' with a somewhat older
metadata (poky rev 09359e6ec00901abfe49157f1f9730117b4d284b)
the shell is run using my user id.

With a newer poky rev 90b98764555945a186562ca8d501a9585ce2b23f,
the shell runs as 'root'.

This change came with this revision:

commit 4dc31a327be1a506e78e1d028db08ceee22a216f
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Thu Mar 28 13:17:12 2013 +0000

    base.bbclass: When we use fakeroot, also use it for devshell

    It's generally useful for devshell to end up in the fakeroot environment. If
    a user needs to exit it, PSEUDO_UNLOAD=1 <command> works, it's usually
    harder to enter the environment.

    [YOCTO #3374]

    (From OE-Core rev: e6ffc747a8ca5142c9bc6fbd2b06b5808bb38b02)

    Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Isn't this a horrible security flaw? Or is 'fakeroot' actually safe?
The change description doesn't tell me why it's "useful".

Whatever the case, to me at least it's very unnerving...

--
------------------------------------------------------------
Gary Thomas | Consulting for the
MLB Associates | Embedded world
------------------------------------------------------------
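
A check that can be run inside a devshell to tell whether the uid 0 it reports comes from the fakeroot (pseudo) layer or from the kernel; this is an added example, not part of the original message or of Poky/OE-Core. It assumes Linux /proc and that the fakeroot layer is injected through LD_PRELOAD (libpseudo for pseudo, libfakeroot for Debian's fakeroot); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: is this shell really root, or only reported as root?

# Real UID as the kernel records it. /proc/self/status is filled in by the
# kernel, so a preloaded library that fakes getuid() does not change it.
kernel_uid() {
    while read -r key real rest; do
        if [ "$key" = "Uid:" ]; then echo "$real"; return 0; fi
    done < /proc/self/status
    return 1
}

# UID seen by a command started with PSEUDO_UNLOAD=1, the exit route named
# in the commit message. Outside pseudo the variable has no effect.
unloaded_uid() {
    PSEUDO_UNLOAD=1 id -u
}

# classify_root REPORTED_UID KERNEL_UID LD_PRELOAD_VALUE
classify_root() {
    if [ "$1" != "0" ]; then
        echo "unprivileged"          # not even reported as root
    elif [ "$2" = "0" ]; then
        echo "real-root"             # the kernel agrees: genuine uid 0
    else
        case "$3" in                 # reported 0, kernel says otherwise
            *libpseudo*)   echo "fakeroot-pseudo" ;;
            *libfakeroot*) echo "fakeroot" ;;
            *)             echo "faked-uid" ;;
        esac
    fi
}

# Classify the current shell and print the three values side by side.
check_shell() {
    reported=$(id -u)
    kernel=$(kernel_uid)
    echo "id -u=$reported kernel=$kernel unloaded=$(unloaded_uid)" >&2
    classify_root "$reported" "$kernel" "${LD_PRELOAD:-}"
}

check_shell
```

A result of "real-root" means the kernel itself records uid 0 for the shell; the two fakeroot results mean only the preloaded library reports 0 while the kernel still records the invoking user's uid.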