Date: Thu, 28 Jul 2022 17:44:08 +0200
From: Baptiste Daroussin <bapt@FreeBSD.org>
To: niko.nastonen@icloud.com
Cc: "freebsd-pkg@freebsd.org" <freebsd-pkg@FreeBSD.org>
Subject: Re: pkg and root privileges
Message-ID: <20220728154408.em52aqyovyvatcff@aniel.nours.eu>
In-Reply-To: <1FDE9D79-08E1-46E7-83A6-9538D81333A4@icloud.com>
References: <0320D2DB-F61B-4F8B-B80F-D7765860283E@icloud.com> <20220728150805.ixev66bv3bhdjdn4@aniel.nours.eu> <1FDE9D79-08E1-46E7-83A6-9538D81333A4@icloud.com>

On Thu, Jul 28, 2022 at 06:30:37PM +0300, niko.nastonen@icloud.com wrote:
> The thread on the forum was closed and deleted by moderators due to unsportsmanlike conduct of some very worried about security :-)
>
> pkg indeed needs some review in terms of usage of superuser privileges, in my opinion. Not only fetch, but other parts too, fetch just being probably the most fragile in that sense.
>
> Thanks for your attention.

I am open to any audit, and of course like for any audit there will be bugs found.

As for usage of superuser privileges, we use Capsicum sandbox in most sensitive cases, like signature verification for example.

So while we are clearly not bulletproof, I don't think the situation is dramatic at all.

Best regards,
Bapt