| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Patrick Lauer wrote: |
| 5 |
>>> The metadata cache is "inert" in the sense that it isn't executable |
| 6 |
>>> code (and if anyone tries to execute it ... "You're doing it wrong" |
| 7 |
>>> comes to mind"), so adding it does not pessimize the situation. |
| 8 |
>> But generating that cache means running code, and one of the things |
| 9 |
>> that code could do is modify every overlay distributed by the box in |
| 10 |
>> question such that anyone using any of those overlays will run |
| 11 |
>> arbitrary code whenever they do emerge -p world. |
| 12 |
> |
| 13 |
> Good, this means we have to isolate it so that only each overlay itself exists |
| 14 |
> in an environment that generates the metadata cache. A bit bothersome, but |
| 15 |
> nothing more than adding a line or two to the script(s) that drive(s) this |
| 16 |
> process. |
| 17 |
|
| 18 |
If you generate a user with a separate uid for each overlay then |
| 19 |
that will probably be provide a sufficient level of privilege isolation. |
| 20 |
- -- |
| 21 |
Thanks, |
| 22 |
Zac |
| 23 |
-----BEGIN PGP SIGNATURE----- |
| 24 |
Version: GnuPG v2.0.11 (GNU/Linux) |
| 25 |
|
| 26 |
iEYEARECAAYFAko+d2MACgkQ/ejvha5XGaPzJQCeIg2d8MVhJTyhZWKCQGtZnY3V |
| 27 |
Dk8An0f8WnJL/lb7iJZzlB+hxQDfNLTG |
| 28 |
=pXrm |
| 29 |
-----END PGP SIGNATURE----- |
Archives