[utah-devel] UTAH Weekly Meeting
Max Brustkern
max.brustkern at canonical.com
Fri Oct 5 14:04:15 UTC 2012
On 10/05/2012 05:38 AM, Martin Pitt wrote:
> Gema Gomez [2012-10-04 9:49 +0100]:
>> - The run_as functionality has been discussed because of security
>> concerns. On one hand, utah should be able to run tests as any chosen
>> user, on the other hand, we don't want to introduce a security threat
>> for everyone that installs the utah client on their development
>> machines.
> I think it should only allow you to run tests as a different user if
> you invoke the test as root. That's not a problem if you use test VMs,
> as the default user can always sudo (in a live system even without
> password), but it avoids the gaping root hole for people who install
> the client on their workstation.
>
> Martin
I had basically the same idea yesterday. We could support run_as as
only a privilege de-escalation for a superuser, and not as an escalation
for an unprivileged user.
Max
More information about the Ubuntu-utah-devel
mailing list