Hello,

On Wed, Apr 26, 2017 at 03:57:12PM +0200, Sebastian Kisela wrote:
* src/runcon.c: add --no-new-privs option to allow user to test
if given context grants more privileges to given command.
[...]
+  runcon --no-new-privs now added for testing purposes. If the option is used
+  runcon will not run a process in a context which has additional privileges.
+  [uses no_new_privs bit added in Linux 3.5]
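Review bot: In the NEWS text, "runcon will not run a process in a context which has additional privileges" does not say what the user observes in that case or what "additional" is measured against. State whether runcon fails with a diagnostic and which exit status it returns, and name the baseline for "additional" explicitly. "now added for testing purposes" can be reduced to a plain description of the option, and a comma is needed after "If the option is used".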

If this feature is primarily for testing purposes,
wouldn't using setpriv from util-linux achieve the same
without adding code?

   setpriv --no-new-privs \
       runcon -t svirt_lxc_net_t /bin/sh

That is, add a new test (which skips if 'setpriv' is not available),
but no need to add new code to runcon?
(I don't have an objection to adding it, I'm just wondering).



+          die (EXIT_FAILURE, 0,
+               _("--no-new-privs cannot be used in the cureutils version,\
+                 that is currently installed."));
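Review bot: The string passed to _() is continued with a backslash-newline inside the literal, so the leading spaces of the following source line become part of the message that is printed and handed to translators. Split it into adjacent string literals instead of using the backslash. In the same message "cureutils" is misspelled, and the text after the comma ("that is currently installed.") reads better without the comma and the trailing period.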

s/curetils/coreutils/


+++ b/tests/runcon/no-new-privs.sh
[...]
+# Run process with inappropriate context
+runcon --no-new-privs -t svirt_lxc_net_t /bin/sh &> out
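Review bot: "&> out" on the runcon line is a bash extension; a POSIX shell parses it as "runcon ... &" followed by "> out", which backgrounds the command and leaves out empty. Use "> out 2>&1". The command under test is also a bare /bin/sh with no -c and no stdin redirection, so if the transition is allowed the result depends on whatever is on standard input; "/bin/sh -c true" or a redirect from /dev/null keeps it non-interactive. The comment "inappropriate context" should also say what outcome the test expects.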

I'm not that familiar with SELinux, but would this test
work on all systems with SELinux enabled, or only on systems
where 'svirt_lxc_net_t' is pre-defined?


regards,
- assaf
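
An added example (not code from the patch, coreutils or util-linux) of the property that lets a wrapper such as the setpriv call above stand in for a runcon option: once no_new_privs is set it cannot be cleared, and descendants inherit it. The function names are made up for this example, and it forks where a real wrapper would exec its command (the bit is preserved across execve as well).

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Exit status of a forked helper, or -1 if it did not exit normally. */
static int wait_status(pid_t pid)
{
    int st;
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st))
        return -1;
    return WEXITSTATUS(st);
}

/* Hypothetical helper. Runs in a child so the caller's state is untouched.
   Returns the no_new_privs value (0 or 1) seen by a grandchild, plus 2 if
   an attempt to clear the bit was accepted; -1 if the bit could not be set. */
int nnp_in_descendant(int set_bit)
{
    pid_t child = fork();
    if (child == 0) {
        int cleared = 0;
        if (set_bit) {
            if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
                _exit(100);
            /* The bit is one-way: asking for 0 is rejected by the kernel. */
            cleared = (prctl(PR_SET_NO_NEW_PRIVS, 0, 0, 0, 0) == 0);
        }
        pid_t grandchild = fork();
        if (grandchild == 0)
            _exit(prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0));
        int seen = wait_status(grandchild);
        _exit(seen < 0 ? 100 : seen + (cleared ? 2 : 0));
    }
    int r = wait_status(child);
    return r == 100 ? -1 : r;
}

int main(void)
{
    /* The first value depends on how this program itself was launched. */
    printf("bit not set here: descendant sees %d\n", nnp_in_descendant(0));
    printf("bit set here:     descendant sees %d\n", nnp_in_descendant(1));
    return 0;
}
```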


