COPR

Florian Weimer fweimer at redhat.com
Mon Sep 2 10:14:08 UTC 2013


On 09/02/2013 10:54 AM, Miroslav Suchý wrote:
> On 08/30/2013 05:59 PM, Daniel P. Berrange wrote:
>> On Fri, Aug 30, 2013 at 11:52:05AM -0400, Colin Walters wrote:
>>> On Fri, 2013-08-30 at 09:01 -0400, Colin Walters wrote:
>>> Also, wow, I just followed and read the link:
>>> http://lists.opensuse.org/opensuse-buildservice/2013-07/msg00044.html
>>>
>>> I know this is old code and stuff, but writing the data to the swap
>>> partition sounds very Rube Goldberg.
>
> It sounds complicated. But the reason is:
> since during build, the code is run under root, you must assume very
> hostile environment.
> The packager can do on builder *anything*. Even modify file system.
> Directly on block device.
> And if you mount the guestfs as whole FS, there is potential to exploit
> kernel FS. In past there were problems where kernel oopsed because FS
> was damaged. So OBS team decided that this has potential for exploit and
> into swap data is written number of blocks where the files reside and
> from that guest FS are read just those blocks directly.
> Using virtio-serial can be used for that, but I guess that it was not
> available at that time (and AFAIK it will not work no s390 zVM).

Regular networking is also an option, I think.  The networking stack is 
more robust than the file system stack.  (Which puts the idea to use 
air-gapped machines and thumb drives for data transfer between them into 
an interesting light, by the way.)

-- 
Florian Weimer / Red Hat Product Security Team


More information about the devel mailing list