Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

subuser should not promt for user password #333

Open
m1ch opened this issue Nov 8, 2017 · 3 comments
Open

subuser should not promt for user password #333

m1ch opened this issue Nov 8, 2017 · 3 comments

Comments

@m1ch
Copy link

m1ch commented Nov 8, 2017

Hi,

from security perspective a program should never ask for you user password. Please integrate a check, that ends subuser if run with insufficient privileges. It is not even necessary to run docker with sudo anymore as you can add yourself to the docker group.
@dragon788
Copy link

If you don't wish to enter your password every time you can put yourself in the docker group, but if you are administering a system that other people use, you do NOT want to put them into the docker group because that is effectively putting them into wheel or adm or sudo because running a container can give them root equivalent permissions.

This is precisely why Docker themselves in their documentation offer the option of running sudo docker run somecontainer or putting yourself in the docker group to avoid the password prompt from sudo. If you are running subuser in a manner that requires root privileges and aren't in the Docker group, then the system REQUIRES you to follow the established norms of requiring the user to enter their password to ensure they are authorized to execute the command (not necessarily as root, just as a user that can perform whatever operation is required), and is often required to change certain files that can't be accessed by normal users like /etc/hosts or other system wide configs.

@m1ch
Copy link
Author

m1ch commented Jul 4, 2020

You wrote it yourself:

This is precisely why Docker themselves in their documentation offer the option of running sudo docker run somecontainer

Docker, and better Linux, is offering to raise privileges via the sudo command.
I don't know if it is still the case, but in 2017 subuser was actively asking for the users' password to do a sudo internally. IMHO this should never be done by a user space program. Instead, add a check if the program was started with sufficient privileges. (e.g: check if started via sudo subuser, or if user is in docker group).

@timthelion
Copy link
Contributor

why is it wrong to run sudo internally? The only difference is saving the user the trouble of typing sudo. Subuser was never processing the password as a string or accepting the keystrokes itself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dragon788 @timthelion @m1ch