rust-lang / rust-playground

The Rust Playground
https://play.rust-lang.org/
Apache License 2.0

Investigate further security options #41

Open shepmaster opened 8 years ago

shepmaster commented 8 years ago
ArtemGr commented 8 years ago

With AppArmor you can add hats to a Docker profile (cf. http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Local_Profiles_and_Hats). Having a hat in a profile allows you to switch into that hat programmatically.

This is very good for security, because when you're switching into a hat, your app is already loaded, so there's no need to grant any access to the executable, to the shared libraries, to the filesystem in general.

I'm not sure it'll work though, as you need some kernel access in order to ask it to switch into a different hat, and Docker might be inadvertently blocking it.

Another option is to try something simpler, the usual subprofiles. Haven't tried it myself either, but I suppose it should work.