Drawing lessons from fatal SELinux bug #1054350
jistone at redhat.com
Fri Jan 24 23:16:52 UTC 2014
On 01/24/2014 01:38 PM, Chris Murphy wrote:
> On Jan 24, 2014, at 2:58 AM, Sergio Pascual <sergio.pasra at gmail.com
>> There is a plugin yum-plugin-fs-snapshot, but it requires better
>> documentation and system integration.
> Well I'd go a step further and ask some more basic questions how how
> many snapshots should be bootable, whether systemd-journal should be
> persistent across snapshots or snapshot specific, what exactly are we
> snapshotting, can we require /home be separate (presently we don't
> require it) in order to support such bootable snapshots, on and on.
I'd also ask where we keep these snapshots, and how do you prevent
access to them normally. IIRC, yum-plugin-fs-snapshot makes btrfs
snapshots as a subvolume directly within the filesystem, which means it
will still be accessible.
This concerns me especially in the case of security updates -- for
example, a vulnerable setuid-root binary should be locked up tight!
More information about the devel