GNU bug report logs - #54997
[PATCH 00/12] Add "least authority" program wrapper

Previous Next

Full log

View this message in rfc822 format

From: Ludovic Courtès <ludo <at> gnu.org>
To: Thiago Jung Bauermann <bauermann <at> kolabnow.com>
Cc: 54997 <at> debbugs.gnu.org
Subject: [bug#54997] [PATCH 00/12] Add "least authority" program wrapper
Date: Tue, 26 Apr 2022 22:48:18 +0200

Thiago Jung Bauermann <bauermann <at> kolabnow.com> skribis:

> I'm a bit concerned about running arbitrary commands as PID 1 of process
> namespaces. A process running as PID 1 (even in a child namespace) is a
> special case and is treated differently by the Linux kernel than any
> other process, so it needs to be a program that has been designed to
> work in that situation. There are two differences from regular
> processes:
>
> 1. PID 1 inherits orphan processes and needs to wait() on them when they
>    quit, in order to avoid accumulating zombie processes in the system.
>
> 2. Unlike regular processes, PID 1 doesn't have default signal handlers.

Actually right now ‘make-forkexec-constructor/container’ runs processes
as PID 1.

AFAIK this hasn’t been a problem in practice, probably for two reasons:
(1) we’re wrapping daemons that don’t fork (unlike Jenkins…), and (2)
‘call-with-container’ installs a SIGINT handler and probably daemons
also install SIGTERM and related handlers of their own.

Anyway, it’s a class of problem that would be best avoided in the first
place!

Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.