On 08/13/2011 12:38 PM, Mike O'Connor wrote:
> On Sat, 13 Aug 2011 09:27:18 +0800, Thomas Goirand <[email protected]> wrote:
>> On 08/13/2011 12:27 AM, Ansgar Burchardt wrote:
>>> * No privilege separation: everything -- including apache -- runs as
>>>   the user "dtc" which also owns config files for apache, bind and
>>>   others. This probably makes this user root-equivalent.
>>
>> But the latest Git version uses sbox to jail each customer in a chroot
>> (running on a union filesystem using aufs), making it quite hard to be
>> harmful.
>
> And since the dtc user owns the chroot_template directory, a compromise
> of the dtc user means that any new chroots should be considered
> compromised.

How much of a problem is it, if the web script is in a chroot, and
protected with the setlimits calls of sbox?

Thomas

