← Back to team overview

openstack team mailing list archive

Re: extending rootwrap securely

 

Eric Windisch wrote:
> I'd really like to see this security mechanism overhauled. Rootwrap was
> an improvement over what was there before, however, I don't believe that
> rootwrap is a viable long-term solution as currently designed.  Rootwrap
> has resulted in the use of potentially insecure shell-outs for the
> purposes of privilege escalation in cases where pure Python would be safer.

The Filter mechanism could easily be extended so that rather than always
executing an external command, it could run some python code as root
instead. Any other reason why you think it's not a viable long-term
solution ?

-- 
Thierry Carrez (ttx)
Release Manager, OpenStack


References