Re: [PATCH] svnserve dropping root privileges

From: Max Bowsher <maxb1_at_ukf.net>
Date: 2007-01-20 12:22:31 CET

Martin von Gagern wrote:
> To start svnserve you need access to the binary. If there is some
> security problem, it might just be possible for some malformed commit to
> modify this binary, which could lead to other problems. On the otherhand
> if you could start svnserve outside as root and then chroot and drop
> privileges in the same process, you wouldn't need the binary inside the
> chroot.
>
> I know this scenario is a bit far-fetched, but not far enough to
> invalidate the request.

This scenario isn't just far-fetched - it's actually wrong. You do *NOT*
need write access to the binary to start it.

Max.

application/pgp-signature attachment: OpenPGP digital signature

Received on Sat Jan 20 12:22:58 2007

This message: [ Message body ]
Next message: Malcolm Rowe: "Re: Backport of r22311 to 1.4.3."
Previous message: Max Bowsher: "Re: Backport of r22311 to 1.4.3."
In reply to: Martin von Gagern: "Re: [PATCH] svnserve dropping root privileges"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]