Open yuvipanda opened 4 years ago
So I played around with this, and dropped privs for the ssh process. However, jupyterhub-sftp still needs to run privileged, since it bind mounts and sshd chroots. `CAP_SYS_ADMIN` wasn't enough for the bind-mounting, although it was for chrooting....
jupyterhub-ssh should run as an unprivileged process, with the container quite locked down in the helm configuration.
jupyterhub-sftp requires `CAP_SYS_ADMIN` and `root`, so we can bind mount user home directories & sshd can chroot into them. However, we should drop all other permissions there.