[lxc-devel] [PATCH RFC] install lxc-user-nic with setuid bit set

[Stéphane Graber]

On Wed, Nov 06, 2013 at 09:31:35AM -0600, Serge Hallyn wrote:
> It's worthless without it.  However it's a scary thing to do.  Before
> acking this, reviewers may want to take another close look at
> lxc-user-nic itself :)

Can you perhaps try to get someone on the Ubuntu Security team to do a
quick audit too?

> 
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
> ---
>  src/lxc/Makefile.am | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
> index 8baf169..d210472 100644
> --- a/src/lxc/Makefile.am
> +++ b/src/lxc/Makefile.am
> @@ -237,6 +237,7 @@ install-exec-local: install-soPROGRAMS
>  	cd $(DESTDIR)$(libdir); \
>  	ln -sf liblxc.so.$(VERSION) liblxc.so.$(firstword $(subst ., ,$(VERSION))); \
>  	ln -sf liblxc.so.$(firstword $(subst ., ,$(VERSION))) liblxc.so
> +	chmod u+s $(DESTDIR)$(bindir)/lxc-user-nic
>  
>  uninstall-local:
>  	$(RM) $(DESTDIR)$(libdir)/liblxc.so*
> -- 
> 1.8.1.2
> 
> 
> ------------------------------------------------------------------------------
> November Webinars for C, C++, Fortran Developers
> Accelerate application performance with scalable programming models. Explore
> techniques for threading, error checking, porting, and tuning. Get the most 
> from the latest Intel processors and coprocessors. See abstracts and register
> http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131106/ab4cd260/attachment.pgp>