Actions
Task #6952
openppa: run as a non-root user
Effort:
Difficulty:
Label:
Description
Like the RPM, which uses run-as.
Updated by Jason Ish about 1 year ago
- Related to Feature #6936: landlock: enable by default added
Updated by Jason Ish about 1 year ago
- Subject changed from packaging: run as a non-root user to ppa: run as a non-root user
Updated by Jason Ish about 1 year ago
- Target version changed from TBD to Packaging/PPA
Updated by Victor Julien about 1 year ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Peter Manev
- Priority changed from Normal to High
One question is: when should we do this? Seems risky to do it in a patch release?
Updated by Jason Ish about 1 year ago
Victor Julien wrote in #note-4:
One question is: when should we do this? Seems risky to do it in a patch release?
Yes, it can be risky. You'd have to get all the chmod's and chown's right in the upgrade script. Would still need to do that when upgrading to a new major release, just breakage is a little more acceptable at a major version. I think making it a goal for 8.0 would be good.
Updated by Victor Julien 10 months ago
- Blocks Story #7160: deployment: improve secure deployment added
Updated by Peter Manev about 2 months ago ยท Edited
For Suricata 8 implement:
- run as user
- systemd
note: make sure ownership is covered too.
Updated by Peter Manev about 2 months ago
- Status changed from Assigned to In Progress
Actions