Date: Wed, 11 Apr 2018 08:28:33 +0200
From: Baurzhan Ismagulov
To: isar-users@googlegroups.com
Subject: Re: [PATCH v5 0/5] Debootstrap integration
Message-ID: <20180411062833.GD4762@yssyq.radix50.net>

On Thu, Apr 05, 2018 at 11:16:43AM +0200, Jan Kiszka wrote:
> I would call this a "safety" concern - building images via Isar is not
> secure in any way as long as we require root permissions.

However we call it (directory traversal is commonly classified as a security issue as opposed to safety as in health injury), it doesn't mean we should easily add more of them just because the existing code already isn't perfect.

I've raised the issue to understand the implications, consider advantages and disadvantages, and possibly determine TODOs if we end up with a trade-off. For example, for this specific case, does upstream bitbake and / or OE check whether cleandirs are within the build directory?

With kind regards,
Baurzhan.
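
Added example, not part of the original message and not BitBake, OE or Isar code: one way a build tool could confirm that a cleandirs entry resolves strictly inside the build directory before removing it. The function name `is_within_build`, the `demo` helper and the sample paths are assumptions constructed for illustration.

```python
import os
import tempfile


def is_within_build(entry, build_dir):
    """True only if entry resolves to a path strictly below build_dir."""
    root = os.path.realpath(build_dir)
    # Relative entries are interpreted against the build directory;
    # realpath collapses ".." and follows symlinks before comparing.
    target = os.path.realpath(os.path.join(root, entry))
    # commonpath compares whole path components, so a sibling such as
    # <top>/build-old is not mistaken for a child of <top>/build the
    # way a plain startswith() test would mistake it.
    inside = os.path.commonpath([root, target]) == root
    # The build directory itself is refused as well: wiping it is
    # never what a per-task clean-up should do.
    return inside and target != root


def demo():
    """Run the check over constructed sample entries in a temp tree."""
    with tempfile.TemporaryDirectory() as top:
        build = os.path.join(top, "build")
        os.makedirs(os.path.join(build, "tmp", "work"))
        os.makedirs(os.path.join(top, "build-old"))
        # A symlink that lives inside the build tree but points outside it.
        os.symlink(top, os.path.join(build, "tmp", "escape"))
        entries = [
            os.path.join(build, "tmp", "work"),                 # inside
            "tmp/deploy",                                       # inside, not yet created
            os.path.join(build, "..", "build-old"),             # ".." traversal
            os.path.join(top, "build-old"),                     # sibling sharing a prefix
            os.path.join(build, "tmp", "escape", "build-old"),  # escape via symlink
            build,                                              # the build directory itself
        ]
        return [is_within_build(e, build) for e in entries]


if __name__ == "__main__":
    print(demo())
```

The check resolves paths at validation time only; a tool running as root would still need to ensure the tree cannot be modified between the check and the removal.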