Re: Introducing rlintian ("restricted lintian")
* Niels Thykier <niels@thykier.net>, 2013-04-21, 23:57:
As far as I can see, aptdaemon runs lintian "as the user who initiated
the transaction". If the concern is here that said user could cause
the transaction to succeed despite local policy saying otherwise, then
restrictions in Lintian won't help. The user could just ptrace the
(r)lintian process and make it do whatever he wants.

Seems like prctl + PR_SET_DUMPABLE should do the trick here (but it
will probably be too late in rlintian).

PR_SET_DUMPABLE wouldn't help. The dumpable flag is automatically set
to 0 whenever you change uid or gid, but then exec resets it to 1.

Alternatively, su to nobody (presuming the package is world readable)
should deny a non-privileged user from ptracing lintian.

Switching to nobody (or, better, to a dedicated user) should do the
trick.
--
Jakub Wilk
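
The exec behaviour discussed in this message, as an added C example that is not part of the original thread: a child clears its dumpable flag with prctl, then re-executes itself, and the flag reads 1 again. It assumes Linux with /proc mounted and a readable, non-setuid binary; `DUMPABLE_PROBE`, `probe` and `dumpable_after` are names made up for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed marker: tells the re-exec'd image to report and exit. */
#define PROBE_ENV "DUMPABLE_PROBE"

/* Runs before main() in every image of this binary. In the re-exec'd
 * copy it exits with the dumpable flag as the exit status. */
__attribute__((constructor)) static void probe(void)
{
    if (getenv(PROBE_ENV))
        _exit(prctl(PR_GET_DUMPABLE, 0, 0, 0, 0));
}

/* Clear the dumpable flag in a child, optionally exec, and return the
 * flag value observed afterwards, or -1 on error. */
int dumpable_after(int do_exec)
{
    char *const envp[] = { PROBE_ENV "=1", NULL };
    int status, code;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
            _exit(100);
        if (!do_exec)   /* same image: the flag stays cleared */
            _exit(prctl(PR_GET_DUMPABLE, 0, 0, 0, 0));
        /* new image: the kernel sets the flag again during execve */
        execle("/proc/self/exe", "probe", (char *)NULL, envp);
        _exit(101);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    code = WEXITSTATUS(status);
    return code > 2 ? -1 : code;
}

int main(void)
{
    printf("after prctl, no exec: %d\n", dumpable_after(0));
    printf("after prctl + exec:   %d\n", dumpable_after(1));
    return 0;
}
```

A wrapper that clears the flag and then execs the checker therefore leaves the checker traceable by the same user, which is why the thread moves on to running it under a different uid.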