Hi Yong, Does gary's patch address your concern: https://review.openstack.org/#/c/13572/4 ?
It seems like the introduction of the DnsmasqNetnsFilter properly enforces that the only command run within the netns is dnsmasq, unless i'm misunderstanding the patch. dan On Mon, Sep 24, 2012 at 4:03 PM, Yong Sheng Gong <[email protected]> wrote: > > Hi Dan, Garyk, > I think the root cause is: > ip_exec_dnsmasq: DnsmasqFilter, /sbin/ip, root > dnsmasq: DnsmasqFilter, /sbin/dnsmasq, root > dnsmasq_usr: DnsmasqFilter, /usr/sbin/dnsmasq, root > > most of our filters do not match the needed command with the command defined > in rootwrapper filter files. > > For this bug, because DnsmasqFilter does not try to match the wanted dnsmasq > with the /sbin/ip defined in dhcp.filters file, we select the first rule. > > It seems we will allow the user to specify any command to run in rootwrapper > filter files. For example, I can define ip_exec_dnsmasq: DnsmasqFilter, > /path/to/anyprogramtorun, root although our quantum is trying to run > dnsmasq, but we will match and change to run anyprogramtorun. > > security concern? > Yong Sheng Gong -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~ Dan Wendlandt Nicira, Inc: www.nicira.com twitter: danwendlandt ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Mailing list: https://launchpad.net/~quantum-core Post to : [email protected] Unsubscribe : https://launchpad.net/~quantum-core More help : https://help.launchpad.net/ListHelp
