[6454] in Release_7.7_team
Re: Login chroots
daemon@ATHENA.MIT.EDU (Evan Broder)
Fri Oct 9 12:51:10 2009
Message-ID: <4ACF69F2.6080601@mit.edu>
Date: Fri, 09 Oct 2009 12:50:58 -0400
From: Evan Broder <broder@MIT.EDU>
MIME-Version: 1.0
To: ghudson@mit.edu
CC: release-team@mit.edu
In-Reply-To: <200910091634.n99GYSR9013990@outgoing.mit.edu>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Flag: NO
X-Spam-Score: 0.00
ghudson@MIT.EDU wrote:
> (Summarizing a zephyr conversation this morning.)
>
> LVM-based login chroots do four things:
>
> 1. Reduce the likelihood that a user's login activities will affect
> the reusability of the machine.
>
> 2. Allow a user's login activities to include becoming root and
> mucking around with the system (e.g. adding packages).
>
We could approximate these two by allowing users to install (and only
install) packages and then tracking and purging those packages on
logout. I realize that install + purge is not always a NOOP, but is it
close enough that we're willing to try?
- Evan
