view the rest of the comments
Android
The new home of /r/Android on Lemmy and the Fediverse!
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
🔗Universal Link: !android@lemdro.id
💡Content Philosophy:
Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.
Support, technical, or app related questions belong in: !askandroid@lemdro.id
For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id
📰Our communities below
Rules
-
Stay on topic: All posts should be related to the Android OS or ecosystem.
-
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
-
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
-
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
-
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
-
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
-
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
-
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
-
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
-
No affiliate links: Posting affiliate links is not allowed.
Quick Links
Our Communities
- !askandroid@lemdro.id
- !androidmemes@lemdro.id
- !techkit@lemdro.id
- !google@lemdro.id
- !nothing@lemdro.id
- !googlepixel@lemdro.id
- !xiaomi@lemdro.id
- !sony@lemdro.id
- !samsung@lemdro.id
- !galaxywatch@lemdro.id
- !oneplus@lemdro.id
- !motorola@lemdro.id
- !meta@lemdro.id
- !apple@lemdro.id
- !microsoft@lemdro.id
- !chatgpt@lemdro.id
- !bing@lemdro.id
- !reddit@lemdro.id
Lemmy App List
Chat and More
Please add support to not run as root!
I was going to bring this up on lemmy.ca but haven't had time to submit a PR to fix the user ID first.
Wdym? If you logged in as another user, you must add it to the
docker
group. I'm not sure what I have to do.Docker creates a virtual Linux environment basically, they mean they would like the user in that environment to not be root. I can submit a MR later today to do so (I authored the automatic docker builds MR)
Yes this, thanks!
Basically it's not hard to break out of docker, I don't want to run photon as root. If it gets hacked while running as root, it's game over.
It's pretty hard to break out of Docker unless the user does something stupid, like mount the host's Docker socket into the container.
Casual container breakouts are not common at all, they're a big deal, and fixed pretty quickly.
A quick google tells me there were 3 vulns in 2022 allowing it. I'm not sure why you would argue for a horrible security practice under the excuse "it's not common". Even if it was only once every few years, the app doesn't need root so it shouldn't run as root.
I'm not advocating for running containers as root, I was correcting your suggestion that container breakouts are trivial and easy to perform. But let's walk through those 2022 breakout vulns shall we? I even found one more.
CVE-2022-0847 - DirtyPipe, a Linux kernel vulnerability, and one of the most major and prolific Linux kernel vulns to date. In addition, it wouldn't have mattered if the container ran as root or not, this was a significant Linux kernel flaw. In fact, the PoC runs the container as an unprivileged user.
CVE-2022-0492 - Needed
CAP_SYS_ADMIN
to be exploitable, isn't exploitable anymore, and falls under my remark of "the user doing something stupid."CVE-2022-0492 - Vulnerability due to cgroups, and wouldn't be exploitable as a root container user unless a very specific set of 5 prerequisites were met. "Just being root" was not enough for exploitation.
CVE-2022-23648 - Was a read-only vulnerability relating to volume mounts, root vs non-root was not relevant to the vulnerability, and it only allowed for "breakout" in situations where you're running in a Kubernetes cluster and the container can read service account tokens. Running as a non root user would not have prevented this.
I'm not saying "running as root doesn't matter," running as a non root user is a best practice, yes. But breakout vulns are more rare and harder to exploit than even your response to me is trying suggest.
Touche.
https://github.com/Xyphyn/photon/pull/35
they'll probably have it merged soon