Limit access to files specified as input

Open fho opened this issue 5 years ago • 2 comments

To ensure that all inputs of a command are specified, prevent a command from accessing other files in the repository.

15.12.2022 I'm working on realizing it the following way:

  • use Linux namespaces (user, mount) to be able to mount directories as a non-root user,
  • mount the repository directory as an overlayFS onto a temporary directory,
  • remove all files from the overlayFS that are not tracked files of a task (with some exceptions: .baur.toml, .git/),
  • bind-mount the overlayFS over the original repository-directory path.

The executed process will run in the original directory, but only the input files of the task are accessible.

fho avatar May 07 '20 16:05 fho
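As an added illustration of the approach described in the comment above (this is example code written for this thread, not baur's implementation): the pruning logic is separated into a pure function, `pathsToRemove`, and a Linux-only `runSandboxed` that re-executes itself in fresh user and mount namespaces, mounts an overlay over the repository, prunes everything that is not a task input or one of the exceptions (`.baur.toml`, `.git/`), and bind-mounts the result over the original repository path before running the command. Assumptions not taken from the thread: Linux 5.11 or newer (unprivileged overlayfs with the `userxattr` option), the `SANDBOX_STAGE` environment variable used to distinguish the two stages, the hypothetical `sandbox` command-line layout, and the helper names. As the later comments note, restrictions applied this way bind only this process tree, not a separate daemon such as dockerd that mounts volumes on the task's behalf.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"os/exec"
	"path/filepath"
	"sort"
	"strings"
	"syscall"
)

// Paths that stay visible even though they are not task inputs (the exceptions named in the issue).
var alwaysVisible = []string{".baur.toml", ".git"}

// keepPath reports whether the repository-relative path rel must survive pruning:
// an exception, a task input, or a directory that contains a task input.
func keepPath(rel string, inputs map[string]bool) bool {
	for _, e := range alwaysVisible {
		if rel == e || strings.HasPrefix(rel, e+"/") {
			return true
		}
	}
	if inputs[rel] {
		return true
	}
	for in := range inputs { // parents of inputs must stay so the inputs remain reachable
		if strings.HasPrefix(in, rel+"/") {
			return true
		}
	}
	return false
}

// pathsToRemove is the pure part of the pruning: given every path in the repository and
// the task's inputs, it returns the sorted list of paths that have to disappear from the overlay.
func pathsToRemove(repoPaths, inputs []string) []string {
	set := make(map[string]bool, len(inputs))
	for _, in := range inputs {
		set[filepath.Clean(in)] = true
	}
	var out []string
	for _, p := range repoPaths {
		if p = filepath.Clean(p); !keepPath(p, set) {
			out = append(out, p)
		}
	}
	sort.Strings(out)
	return out
}

// pruneOverlay deletes the non-input paths under root (the mounted overlay). Deletions are
// recorded as whiteouts in the overlay's upper dir; the real repository is never modified.
func pruneOverlay(root string, inputs []string) error {
	var all []string
	err := filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err == nil && p != root {
			rel, _ := filepath.Rel(root, p)
			all = append(all, rel)
		}
		return err
	})
	if err != nil {
		return err
	}
	for _, rel := range pathsToRemove(all, inputs) { // RemoveAll tolerates already-removed children
		if err := os.RemoveAll(filepath.Join(root, rel)); err != nil {
			return err
		}
	}
	return nil
}

// runSandboxed runs argv inside repo with only the task inputs visible. Stage 0 re-executes this
// binary in new user+mount namespaces (caller mapped to uid/gid 0 there); stage 1 builds the overlay.
func runSandboxed(repo string, inputs, argv []string) error {
	if os.Getenv("SANDBOX_STAGE") != "1" {
		cmd := exec.Command("/proc/self/exe", os.Args[1:]...)
		cmd.Env = append(os.Environ(), "SANDBOX_STAGE=1")
		cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
		cmd.SysProcAttr = &syscall.SysProcAttr{
			Cloneflags:  syscall.CLONE_NEWUSER | syscall.CLONE_NEWNS,
			UidMappings: []syscall.SysProcIDMap{{ContainerID: 0, HostID: os.Getuid(), Size: 1}},
			GidMappings: []syscall.SysProcIDMap{{ContainerID: 0, HostID: os.Getgid(), Size: 1}},
		}
		return cmd.Run()
	}
	// Stage 1: keep our mount changes from propagating back into the host namespace.
	if err := syscall.Mount("", "/", "", syscall.MS_REC|syscall.MS_PRIVATE, ""); err != nil {
		return fmt.Errorf("make / private: %w", err)
	}
	tmp, err := os.MkdirTemp("", "overlay-")
	if err != nil {
		return err
	}
	upper, work, merged := filepath.Join(tmp, "upper"), filepath.Join(tmp, "work"), filepath.Join(tmp, "merged")
	for _, d := range []string{upper, work, merged} {
		if err := os.Mkdir(d, 0o755); err != nil {
			return err
		}
	}
	// userxattr lets an unprivileged mounter use user.* xattrs (assumes Linux >= 5.11).
	opts := fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s,userxattr", repo, upper, work)
	if err := syscall.Mount("overlay", merged, "overlay", 0, opts); err != nil {
		return fmt.Errorf("mount overlay: %w", err)
	}
	if err := pruneOverlay(merged, inputs); err != nil {
		return err
	}
	if err := syscall.Mount(merged, repo, "", syscall.MS_BIND, ""); err != nil {
		return fmt.Errorf("bind-mount over %s: %w", repo, err)
	}
	cmd := exec.Command(argv[0], argv[1:]...)
	cmd.Dir = repo // the task still sees its usual working directory, minus the non-input files
	cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
	return cmd.Run()
}

func main() {
	// hypothetical usage: sandbox <repo-dir> <input,input,...> <command> [args...]
	if len(os.Args) < 4 {
		fmt.Fprintln(os.Stderr, "usage: sandbox <repo-dir> <input,input,...> <command> [args...]")
		os.Exit(2)
	}
	repo, _ := filepath.Abs(os.Args[1])
	if err := runSandboxed(repo, strings.Split(os.Args[2], ","), os.Args[3:]); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}
```

Inputs are matched as repository-relative paths, and a directory survives only if it is an exception or contains at least one input, so `src/` stays while `docs/` vanishes when only `src/main.go` and `Makefile` are declared. Repository paths containing `,` or `:` would need escaping in the overlay option string; the example does not handle that.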

alternative: https://github.com/shoenig/go-landlock

fho avatar Jun 11 '24 09:06 fho

Landlock works well to limit the user's filesystem permissions. But when a baur task runs a docker container that uses mounts, it cannot be enforced (same issue as the namespace approach). dockerd mounts the volumes into the container. Because dockerd is another process, the landlock rules do not apply.

After applying landlock rules, running rootless podman containers is also not possible. Landlock requires that the current thread be denied the option to gain more privileges again (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)). This causes podman's attempt to run newuidmap to fail with EPERM.

fho avatar Aug 25 '25 14:08 fho