
Bug#987777: Linux enabled user namespaces by default



On Thu, Apr 29, 2021 at 12:31:21PM +0200, Paul Gevers wrote:
> The previous Debian default was to restrict this feature to processes
> running as root, because it exposed more security issues in the
> kernel.  However, the security benefits of more widespread sandboxing
> probably now outweigh this risk.

I don't really like the use of "probably" in this reasoning.  We should
have a more definitive answer than "it's probably fine", or should at
least justify our decision somehow.  Maybe we could replace the last
sentence with something to the effect of "However, as the implementation
of this feature has matured, we are now confident that the risk of
enabling it is outweighed by the security benefits it provides."

Just a thought.  It's still a little hand-wavy, but at least provides
some justification for the change.

noah
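The quoted release-notes text above says the Debian default for user namespaces used to restrict them to root and now enables them for unprivileged users. The script below is an added example for administrators reading this thread; it is not part of the bug report or of Debian's own tooling. It assumes the Debian kernel's distribution-specific sysctl `kernel.unprivileged_userns_clone` (0 = root only, 1 = any user), which upstream kernels do not carry, and it falls back to a practical probe with `unshare -U` so the result is meaningful on either kind of kernel. Function names are my own.

```shell
#!/bin/sh
# Added example (not from the bug report): report whether unprivileged user
# namespaces are enabled on this host, so an admin can see which side of the
# default change described in the release notes a given machine is on.

# Map the value of the Debian-specific sysctl to a readable state.
# "missing" means the knob is absent (upstream kernel: user namespaces are
# available to unprivileged users whenever CONFIG_USER_NS is built in).
userns_state() {
    case "$1" in
        0) echo "restricted-to-root" ;;
        1) echo "enabled-for-unprivileged-users" ;;
        missing) echo "no-debian-knob-upstream-default-applies" ;;
        *) echo "unexpected-value:$1" ;;
    esac
}

# Read the sysctl through /proc so this works without the sysctl binary.
read_userns_clone() {
    f=/proc/sys/kernel/unprivileged_userns_clone
    if [ -r "$f" ]; then
        cat "$f"
    else
        echo missing
    fi
}

# Practical probe: try to create a user namespace as the current user.
# This succeeds only when the running kernel permits it for this uid,
# regardless of which distribution knob (if any) controls the policy.
probe_userns() {
    if command -v unshare >/dev/null 2>&1 && unshare -U true 2>/dev/null; then
        echo "unshare -U succeeded"
    else
        echo "unshare -U failed or unavailable"
    fi
}

# Print a small report covering the Debian knob, the upstream limit
# (user.max_user_namespaces, 0 disables creation entirely) and the probe.
report_userns() {
    v=$(read_userns_clone)
    echo "kernel.unprivileged_userns_clone: $v ($(userns_state "$v"))"
    echo "user.max_user_namespaces: $(cat /proc/sys/user/max_user_namespaces 2>/dev/null || echo unknown)"
    echo "probe: $(probe_userns)"
}

report_userns
```

On a Debian kernel where the trade-off described in the thread is not acceptable for a particular host, the old behaviour can be restored with `sysctl -w kernel.unprivileged_userns_clone=0`, made persistent via a file under `/etc/sysctl.d/`; on kernels without that knob, `user.max_user_namespaces=0` is the upstream way to disable creation. Either setting also breaks sandboxes that rely on user namespaces (browsers, container tools), which is exactly the benefit the release-notes text weighs against the kernel attack-surface risk.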

