Task #6952: ppa: run as a non-root user - Suricata - Open Information Security Foundation

Actions

Task #6952

open

ppa: run as a non-root user

Added by Jason Ish 17 days ago. Updated 17 days ago.

Status:

Assigned

Priority:

High

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

Like the RPM, which uses run-as.

Related issues 1 (1 open — 0 closed)

Actions

#1

Updated by Jason Ish 17 days ago

Related to Feature #6936: landlock: enable by default added

Actions

#2

Updated by Jason Ish 17 days ago

Subject changed from packaging: run as a non-root user to ppa: run as a non-root user

Actions

#3

Updated by Jason Ish 17 days ago

Target version changed from TBD to Packaging/PPA

Actions

#4

Updated by Victor Julien 17 days ago

Status changed from New to Assigned
Assignee changed from OISF Dev to Peter Manev
Priority changed from Normal to High

One question is: when should we do this? Seems risky to do it in a patch release?

Actions

#5

Updated by Jason Ish 17 days ago

Victor Julien wrote in #note-4:

One question is: when should we do this? Seems risky to do it in a patch release?

Yes, it can be risky. You'd have to get all the chmod's and chown's right in the upgrade script. Would still need to do that when upgrading to a new major release, just breakage is a little more acceptable at a major version. I think making it a goal for 8.0 would be good.

Actions

Also available in: Atom PDF