Subject: Re: Isar fork
From: Claudius Heine
To: Ben Brenson, isar-users
Date: Wed, 18 Oct 2017 16:22:02 +0200

Hi,

On 10/18/2017 04:02 PM, 'Ben Brenson' via isar-users wrote:
>> Root privileges inside a Docker container are sadly not a good enough
>> security mechanism, because you would have to grant the container the
>> sys_admin capabilities for loop mount and now it's able to potentially
>> overwrite disk content or access the complete host memory.
>>
>
> So the best solution would be to implement a non-root approach. Otherwise
> there will always persist some security issues.
> For now I don't have any solutions, yet.
> A time ago I tried to set up debootstrap by using fakechroot, but that
> wasn't straightforward to solve.
> Maybe with multistrap, things would be much easier here?

AFAIK that's not the case. One problem of fakeroot/fakechroot is that it
works with LD_PRELOAD and therefore fails with static binaries. proot is
better there because it uses the same mechanism as strace (ptrace) to
capture syscalls. proot also allows to pseudo bind mount directories
into the chroot-path, which is useful. The problem with proot is however
that chown/chmod/mknod calls are not stored persistently.

So when I read 'schroot' in your commit history I got excited and hoped
that is the solution we all waited for. Doesn't seem to be the case though.

Cheers,
Claudius

-- 
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-54 Fax: (+49)-8142-66989-80 Email: ch@denx.de
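
The LD_PRELOAD limitation mentioned in the message above, as an added example that is not part of the original thread or of Isar: a program without a PT_INTERP segment never starts the dynamic loader, so a fakeroot/fakechroot preload library is never loaded into it. The function names and the constructed ELF sample below are assumptions made for illustration.

```python
import os
import struct

PT_INTERP = 3  # program header naming the dynamic loader (ld.so)

def needs_dynamic_loader(elf: bytes) -> bool:
    """True if the image has PT_INTERP: ld.so runs and honours LD_PRELOAD.
    False means an LD_PRELOAD wrapper never sees this program's calls."""
    if len(elf) < 52 or elf[:4] != b"\x7fELF" or elf[4] not in (1, 2) or elf[5] not in (1, 2):
        raise ValueError("not an ELF image")
    end = "<" if elf[5] == 1 else ">"            # EI_DATA: byte order
    try:
        if elf[4] == 2:                          # EI_CLASS: ELF64
            phoff, = struct.unpack_from(end + "Q", elf, 0x20)
            phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x36)
        else:                                    # ELF32
            phoff, = struct.unpack_from(end + "I", elf, 0x1C)
            phentsize, phnum = struct.unpack_from(end + "HH", elf, 0x2A)
        return any(
            struct.unpack_from(end + "I", elf, phoff + i * phentsize)[0] == PT_INTERP
            for i in range(phnum))
    except struct.error as exc:
        raise ValueError("truncated ELF image") from exc

def find_unhookable(root: str) -> list:
    """Executable ELF files under root without PT_INTERP (static binaries;
    shared objects carrying an exec bit are reported too)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if (os.path.islink(path) or not os.path.isfile(path)
                    or not os.access(path, os.X_OK)):
                continue
            with open(path, "rb") as fh:
                image = fh.read()
            try:
                if not needs_dynamic_loader(image):
                    hits.append(os.path.relpath(path, root))
            except ValueError:
                pass                             # scripts, other non-ELF files
    return sorted(hits)

def make_elf64(p_types):
    """Constructed sample: ELF64 little-endian header plus bare program headers."""
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, len(p_types), 0, 0, 0)
    return hdr + b"".join(struct.pack("<II", t, 0) + bytes(48) for t in p_types)
```

Running `find_unhookable()` over an unpacked root filesystem lists the programs a preload-based build would execute without any interception.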