-
- [X] I have searched open and closed issues for duplicates
---
### Bug Description
In #3627 @scottnonnenberg-signal wrote:
> We will not be forcing a root `setuid` on our use…
-
Allow user to set SUID on vopono binary, and then don't prompt for sudo, etc.
Most existing code should already work, this is more of a packaging problem. May need minor changes for getting origina…
-
Hello!
Nexus generates incorrect metadata for rpm-packages with `ghost` files.
In native repodata/*-primary.xml.gz (created via [createrepo](https://linux.die.net/man/8/createrepo)):
```xml
..…
-
Random thoughts on docker container escape and security in general: https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
* Do not use the --privileged flag or mount a [Do…
-
Recent changes to rkt have allowed us to perform a large subset of rkt commands (image list, fetch, etc) as an unprivileged user. It would be nice if it was possible to do ALL rkt operations this way:…
-
### Expected Result
Success on running the command
```
singularity selftest
```
### Actual Result
```
$ singularity selftest + sh -c test -f /home/aryczkowski/spack/opt/spack/linux-ub…
-
I have not tested yet, but i was going to try to work this into the setup somehow https://www.elstel.org/xchroot/
-
Hello, I've recently came across [runimage](https://github.com/VHSgunzo/runimage) which is a portable container that uses bubblewrap and it is capable of launching appimages without issues unlike othe…
-
There are no checks for setuid and setgid permissions right now which could potentially be a security risk.
a) `setugid=yes` allows both setuid and setgid permissions in all files in the package
b…
-
Currently rua uses a pretty naive solution to figure out is a package should be installed explicitly.
There's currently two problems with it:
1. It assumes an entire pkgbase is either asdeps or…