[tor-bugs] #13602 [Ooni]: run all ooniprobe tests as non-root
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 29 14:39:09 UTC 2014
#13602: run all ooniprobe tests as non-root
-----------------------------+---------------------
Reporter: infinity0 | Owner: hellais
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Ooni | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+---------------------
Comment (by infinity0):
I just realised I greatly over-engineered option (2) and have now
simplified it. Now, we just use cython to build bin/ooniprobe into a C
program, and setcap on this. No wrappers involved, no need to hard-code
any extra paths, nothing runs as root.
Essentially the C program is a python interpreter that only runs
ooniprobe, and the search path rules are all handled by ld.so (which
already has security mechanisms like [1]) and libpythonXX.so (where I'm
manually telling it to ignore user / environment search paths, as seen in
the Makefile).
So I think option (2) would be suitable both for inclusion into the main
ooni repo, and for use within Debian.
[1] http://stackoverflow.com/questions/9843178/linux-capabilities-setcap-
seems-to-disable-ld-library-path
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13602#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list