[lxc-devel] [PATCH] lxc-alpine: download statically compiled package manager if not available on host
Natanael Copa
ncopa at alpinelinux.org
Sun May 19 07:29:06 UTC 2013
On Sat, 18 May 2013 18:14:36 -0500
Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > > I do see that for instance feeding a
> > > tar file with malicious /bin/passwd, which templates later run
> > > under a regular chroot, could be just as easy...
> >
> > I don't really understand what you mean with this...
>
> In the ubuntu-cloud template we wget a tarball which is the rootfs for
> the container, extract it, then chroot into it and run /bin/passwd to
ah. I misread "/bin/passwd" as "/etc/passwd". Get it now, sorry.
It shows that Kaarles' patch is practically not making anything that is
worse than what other templates already do.
> So long as you mean embed the pub keys into the lxc template, that
> would be great.
>
> And I think I'll pursue the same for ubuntu-cloud and cirros
> templates.
>
> > --allow-untrusted in the same shot and you will at no point run
> > anything that has not been cryptographically verified.
>
> Sounds great - thanks.
Will look at it.
Thanks for the feedback!
-nc
More information about the lxc-devel
mailing list