Proposal: Fedora at Home Project

Matthew Farrellee mfarrellee+fedora at redhat.com
Thu Mar 6 00:28:45 UTC 2008


Frank Ch. Eigler wrote:
> Bryan Che <bche at redhat.com> writes:
> 
>> [...]  Ideally, we could include the client software for computation
>> as part of Fedora distributions and build out a large, million+ node
>> open grid for things like Fedora infrastructure tasks, scientific
>> computing, or socially-beneficial work.  [...]
> 
> Could you say a word or two about the security implications of this
> proposal?  How would you convince a random fedora user that installing
> this is safe to his machine / data / resources?
> 
> - FChE

I'll tell you what can be done to help keep a user's machine safe,
but not how to convince a random Fedora user.

There are at least two possible approaches here: restrict applications
or use virtualization. They both depend on what you want to run on your
system and who you trust. The first possibility would be to restrict
execution of only programs that you approve, potentially those packaged
and distributed by the Fedora community. For instance, if you were
donating CPU cycles for building Fedora packages you may only want to
let mock run on your system. You'd be trusting the Fedora community to
provide both a mock implementation that was not malicious and input to
mock that was not malicious. The second possibility would be to restrict
execution to within a virtual machine, for as much as you are willing to
trust a VM as a security container. For instance, you could allow anyone
to execute any program they wanted on your system except you really only
let them run in a dedicated Xen domU on your system, which may or may
not have network access.

SELinux is also of interest here. There is an internship available
(IRC37406) to investigate policies for not only controlling what Condor
daemons are allowed to do but also what Condor jobs can do.

Best,


matt
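A worked illustration of the first approach above (restrict execution to programs you have approved), added here as an example; it is not code from the original message, from Fedora or from Condor. It gates a requested program on two things the message's reasoning implies: the resolved path must be on an operator-maintained allowlist, and the file's bytes must match the digest pinned when that program was vetted, so trusting a program by name alone is not enough. The allowlist, the scenario and the use of the running Python interpreter as the stand-in "approved program" are assumptions made so the example runs anywhere.

```python
"""Allowlist-gated launcher for donated compute: run a requested program
only if its resolved path is approved *and* its bytes match a pinned
SHA-256 digest. Added illustration of the "restrict execution to
approved programs" approach; the allowlist and scenario below are
constructed and are not Fedora or Condor configuration."""
import hashlib
import os
import subprocess
import sys
import tempfile
from typing import Dict, List


class ExecutionDenied(Exception):
    """Raised when a requested program fails the allowlist or digest check."""


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def check_approved(requested: str, allowlist: Dict[str, str]) -> str:
    """Return the canonical path of `requested` if approved, else raise.

    Symlinks are resolved first so the decision is made on the real
    target, not on a friendly-looking link name. The digest pins the
    exact binary the operator vetted, so a swapped or modified file at
    an approved path is refused rather than trusted by name.
    """
    real = os.path.realpath(requested)
    pinned = allowlist.get(real)
    if pinned is None:
        raise ExecutionDenied(f"{requested} -> {real} is not on the allowlist")
    actual = sha256_file(real)
    if actual != pinned:
        raise ExecutionDenied(f"{real}: digest {actual} does not match pinned {pinned}")
    return real


def run_approved(requested: str, args: List[str], allowlist: Dict[str, str],
                 timeout: float = 60.0) -> str:
    """Run an approved program with a minimal, fixed environment and
    return its stdout. The donor's own environment (PATH, LD_PRELOAD,
    tokens held in variables) is deliberately not inherited by the job."""
    real = check_approved(requested, allowlist)
    env = {"PATH": "/usr/bin:/bin", "LANG": "C"}
    proc = subprocess.run([real, *args], env=env, capture_output=True,
                          text=True, timeout=timeout, check=False)
    return proc.stdout.strip()


def demo() -> Dict[str, str]:
    """Constructed scenario. The approved program is this Python
    interpreter only because it is guaranteed to exist wherever this
    runs; on a real donor box an interpreter on the allowlist is only
    as restrictive as the scripts it is allowed to run."""
    interp = os.path.realpath(sys.executable)
    allowlist = {interp: sha256_file(interp)}
    hello = ["-c", "print('approved-job')"]
    results: Dict[str, str] = {}

    # Approved program, matching digest: runs.
    results["approved"] = run_approved(sys.executable, hello, allowlist)

    # A symlink to the approved target is judged on the resolved path.
    with tempfile.TemporaryDirectory() as d:
        link = os.path.join(d, "friendly-name")
        os.symlink(interp, link)
        results["via_symlink"] = run_approved(link, hello, allowlist)

    # Anything not on the list is refused before it is even hashed.
    try:
        run_approved("/bin/sh", ["-c", "echo unlisted"], allowlist)
        results["unlisted"] = "ran"
    except ExecutionDenied:
        results["unlisted"] = "denied"

    # Approved path whose bytes no longer match what was vetted: refused.
    stale = {interp: "0" * 64}
    try:
        run_approved(sys.executable, hello, stale)
        results["tampered"] = "ran"
    except ExecutionDenied:
        results["tampered"] = "denied"
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:12s} {outcome}")
```

The digest pin is what turns "trust the Fedora community to ship a non-malicious mock" into something checkable on the donor's machine: the operator records the digest of the vetted binary once, and a later package swap or on-disk modification fails the check instead of running. The second approach in the message, a dedicated Xen domU, sidesteps this per-program vetting by containing whatever runs, at the cost of trusting the VM boundary instead.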




More information about the advisory-board mailing list