You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the moment, test cases can specify whether they require root, whether they require an unprivileged user or whether they don't care who they are running as. For reproducibility purposes, the fact that require.user=empty (the default) means that we don't care about what user the test is running as, is bad.
We need to change the runtime system to work as follows: all test cases are /always/ run as an unprivileged user /except/ if they define require.root=true. Kyua needs to always drop privileges (if running as root) when a test case sets require.root=false (the default). Kyua must not attempt to escalate privileges (if running a require.root=true test as a regular user) because this can easily lead to security issues that we don't want to be involved with.
Lastly, note that this is not a security feature. Dropping privileges from Kyua is just a convenience but by no means this implies that running untrusted test cases is safe.
This change brings in fixes for...
- kyua report-html not properly escaping stdout/stderr:
(freebsd/kyua#6).
- gettimeofday(2) not necessarily being monotonic, but kyua assuming
that it is: (freebsd/kyua#2).
- Update configuration to work with Cirrus CI in lieu of Travis CI.
From jmmv@google.com on December 09, 2010 04:54:30
At the moment, test cases can specify whether they require root, whether they require an unprivileged user or whether they don't care who they are running as. For reproducibility purposes, the fact that require.user=empty (the default) means that we don't care about what user the test is running as, is bad.
We need to change the runtime system to work as follows: all test cases are /always/ run as an unprivileged user /except/ if they define require.root=true. Kyua needs to always drop privileges (if running as root) when a test case sets require.root=false (the default). Kyua must not attempt to escalate privileges (if running a require.root=true test as a regular user) because this can easily lead to security issues that we don't want to be involved with.
Lastly, note that this is not a security feature. Dropping privileges from Kyua is just a convenience but by no means this implies that running untrusted test cases is safe.
Original issue: http://code.google.com/p/kyua/issues/detail?id=6
The text was updated successfully, but these errors were encountered: