Date: Thu, 28 Jul 2022 17:08:05 +0200 From: Baptiste Daroussin <bapt@FreeBSD.org> To: niko.nastonen@icloud.com Cc: "freebsd-pkg@freebsd.org" <freebsd-pkg@FreeBSD.org> Subject: Re: pkg and root privileges Message-ID: <20220728150805.ixev66bv3bhdjdn4@aniel.nours.eu> In-Reply-To: <0320D2DB-F61B-4F8B-B80F-D7765860283E@icloud.com> References: <0320D2DB-F61B-4F8B-B80F-D7765860283E@icloud.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 26, 2022 at 07:15:43PM +0300, niko.nastonen@icloud.com wrote: > Hi. > > There was a recent discussion on the FreeBSD forum about security of pkg and its ability to drop root privileges when fetching packages. > > I couldn’t help but notice that there was a git commit > > fcceab3f with comment "drop privileges when using libfetch” > > and another one > > f3b0469e with comment "Stop dropping privileges when fetching as it causes more issues than it solved”. > > Can I ask what kind of issues the first commit introduces and why pkg still goes out to the internet unprotected? > > In case the issues are already solved by later commits, let me present a silly patch (mostly copied from fcceab3f) for branch "release-1.18” which makes fetch use nobody instead of root. > > Feel free to modify it to match “the real BSD hacker standards, if applicable” :-) > I am interested in the thread on the forum, if you can point it out to me. The reason why it was dropped is because, libfetch allows to access many thing (like ~/.netrc but not only) and many users are using such features of libfetch. I dropped the "drop of privileges" the time to work on libfetch to make it more friendly to the "drop of provileges" which I started but never finished. Thank you for the reminder I will move that up on my TODO list for 1.19 Best regards, Bapt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220728150805.ixev66bv3bhdjdn4>