Opened at 2010-03-05T08:12:01Z
Last modified at 2010-03-25T00:37:17Z
#981 new enhancement
chroot support?
Reported by: | ioerror | Owned by: | somebody |
---|---|---|---|
Priority: | major | Milestone: | undecided |
Component: | code | Version: | 1.6.0 |
Keywords: | security twisted chroot install | Cc: | |
Launchpad Bug: |
Description
I'd like Tahoe to be forced chrooted after a certain run time (say, after start up as a storage node) - On a modern GRSec enabled Linux machine, it may provide a bit of defense in depth.
Change History (2)
comment:1 Changed at 2010-03-10T20:05:51Z by warner
FYI, I *think* that after tahoe's Node.startService is called, it shouldn't be touching anything outside of its basedir. (by that point, all python libraries should have been imported, random files like /etc/mime.types should have been read, and the Tahoe code itself never touches anything outside the basedir). It will need continued access to /dev/urandom, of course.
twistd has a --chroot argument which is worth exploring. I don't know when exactly it gets invoked, but it's probably the Right Way to do it, so if it doesn't work with --chroot, I'd be happy to try to fix tahoe to make it work.
comment:2 Changed at 2010-03-25T00:37:17Z by davidsarah
- Keywords twisted chroot install added
- Priority changed from minor to major
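Added example, not part of the ticket or of the Tahoe code base: one way to test the claim in comment:1 before enabling a chroot is to record, with a Python audit hook (Python 3.8+), every file opened by path outside the basedir once startup has finished. The class name, the `allowed` list and the sample paths are assumptions made for illustration.

```python
import os
import sys
import tempfile


class OutsideBasedirAudit:
    """Record path-based opens outside `basedir` while armed."""

    def __init__(self, basedir, allowed=("/dev/urandom",)):
        self.basedir = os.path.realpath(basedir)
        # Paths the node still needs; these must exist inside the chroot.
        self.allowed = {os.path.realpath(p) for p in allowed}
        self.armed = False
        self.violations = []
        # Audit hooks cannot be removed, so the hook is gated on self.armed.
        sys.addaudithook(self._hook)

    def _hook(self, event, args):
        if not self.armed or event != "open":
            return
        path = args[0]
        if not isinstance(path, (str, bytes, os.PathLike)):
            return  # open(fd): descriptor opened earlier, unaffected by chroot
        real = os.path.realpath(os.fsdecode(path))
        inside = real == self.basedir or real.startswith(self.basedir + os.sep)
        if not inside and real not in self.allowed:
            self.violations.append(real)


def demo():
    """Constructed run: startup reads, then steady-state file access."""
    basedir = tempfile.mkdtemp(prefix="node-basedir-")
    audit = OutsideBasedirAudit(basedir)
    with open(os.devnull, "rb") as f:      # startup phase: not recorded
        f.read()
    audit.armed = True                      # e.g. once startService has returned
    with open(os.path.join(basedir, "share"), "wb") as f:
        f.write(b"x")                       # inside basedir: fine
    with open("/dev/urandom", "rb") as f:
        f.read(8)                           # allowed, must be present in the jail
    with open(os.devnull, "rb") as f:       # stand-in for a late outside read
        f.read()
    audit.armed = False
    return audit.violations


if __name__ == "__main__":
    print(demo())
```

An empty `violations` list after a representative workload is evidence that the process can be confined to its basedir; any recorded path is a file that would have to be read earlier or provided inside the chroot.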