I have an application (running in an IDE under my user account) that does the following:

  1. It creates an empty file with ~1GiB size.
  2. It calls mkfs on this file (btrfs currently, but may change in future).
  3. It calls udisksctl loop-setup and udisksctl mount to mount it.

So far so good, but now I have the problem that I cannot create any files inside. To do this I would need to run chmod, which I can only do as root.

I do not want to run my application as root, because this could have huge security impacts.

In my opinion there should be a way to get the required permissions (without being root), because I have full access to the underlying image file nevertheless.

Edit: I found a solution that works at least. I'm creating a filesystem image with the according permissions set. Then I zip it and deploy it with my application. It is not perfect, but at least it works. If someone has a better idea, I would be very thankful to hear it.

Edit2: I do not need to chown or chmod anything, I just need to create, read, write and delete files and directories. Choosing a different filesystem is not an option.

  • Being able to mount an arbitrary image without restrictions already has huge security impacts. This sounds like an X-Y problem. Can you use CAP_CHOWN, CAP_FCHOWN and CAP_FSETID capabilities? Commented Apr 19, 2020 at 12:54
  • Nope, sorry. I don't want to change the configuration of the system in any way, because this makes the deployment of my application much harder. Commented Apr 19, 2020 at 13:09
  • In my opinion, the risk of having a security issue is minimal in the current configuration, because the application creates a new filesystem each time it boots (and deletes it afterwards). Commented Apr 19, 2020 at 13:16
  • In this case you are going to need to find or write tools to create the image rather than use the existing code in the kernel. btrfs is not the simplest choice! Linux initramfs uses cpio format and mtools allows you to manipulate vfat images. Commented Apr 19, 2020 at 13:24
  • @ctrl-alt-delor I agree that is what the question asks. I think this is an X-Y problem. As for the security aspects, nosuid and nodev help, but you also need to restrict where the mount can take place, you don't want me to be able to mount a new version of /etc. Checking that without race conditions is hard. There is a reasonable chance that he also wants to be able to chown files inside the new image. I think the best approach is to follow the example of the initramfs and generate a cpio file. cpio is simple enough to be easily generated by perl, python or even shell. Commented Apr 19, 2020 at 19:56
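The cpio route raised in the last comment, as an added example that is not part of the question or of any comment: a minimal writer and reader for the newc cpio format (the one initramfs uses) in Python. It shows that uid, gid and mode are plain header fields an unprivileged process can set, unlike chown on a mounted image; the entries, uid 1000 and file contents are constructed sample values.

```python
"""Build and parse a newc-format cpio archive entirely in user space.

Added example, not code from the question or its comments. Every entry
carries its own mode/uid/gid in the header, so an unprivileged builder
can hand out any ownership it likes without chown or a mounted image.
"""
NEWC_MAGIC = b"070701"
TRAILER = "TRAILER!!!"   # sentinel entry that terminates a newc archive
S_IFDIR, S_IFREG, S_IFMT = 0o040000, 0o100000, 0o170000


def _pad4(buf: bytes) -> bytes:
    """newc aligns header+name and file data to 4-byte boundaries."""
    return buf + b"\0" * (-len(buf) % 4)


def _entry(name: str, mode: int, uid: int, gid: int, data: bytes, ino: int) -> bytes:
    nlink = 2 if (mode & S_IFMT) == S_IFDIR else 1
    # 13 fields, each 8 hex chars: ino mode uid gid nlink mtime filesize
    # devmajor devminor rdevmajor rdevminor namesize(incl. NUL) check
    fields = [ino, mode, uid, gid, nlink, 0, len(data), 0, 0, 0, 0, len(name) + 1, 0]
    header = NEWC_MAGIC + b"".join(b"%08x" % f for f in fields)
    return _pad4(header + name.encode() + b"\0") + _pad4(data)


def build_cpio(entries, uid: int, gid: int) -> bytes:
    """entries: iterable of (name, is_dir, permission_bits, data)."""
    out = b""
    for ino, (name, is_dir, perm, data) in enumerate(entries, start=1):
        mode = (S_IFDIR | perm) if is_dir else (S_IFREG | perm)
        out += _entry(name, mode, uid, gid, b"" if is_dir else data, ino)
    return out + _entry(TRAILER, 0, 0, 0, b"", 0)


def parse_cpio(blob: bytes) -> dict:
    """Return {name: (mode, uid, gid, data)}; a check that the layout is right."""
    pos, result = 0, {}
    while pos < len(blob):
        assert blob[pos:pos + 6] == NEWC_MAGIC, "bad magic at offset %d" % pos
        f = [int(blob[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        mode, uid, gid, size, namesize = f[1], f[2], f[3], f[6], f[11]
        name = blob[pos + 110:pos + 110 + namesize - 1].decode()
        pos += 110 + namesize
        pos += -pos % 4            # skip name padding
        data = blob[pos:pos + size]
        pos += size
        pos += -pos % 4            # skip data padding
        if name == TRAILER:
            break
        result[name] = (mode, uid, gid, data)
    return result


if __name__ == "__main__":
    # Constructed sample: a directory and one file, both owned by uid/gid 1000.
    archive = build_cpio([("etc", True, 0o755, b""),
                          ("etc/motd", False, 0o644, b"hi\n")], 1000, 1000)
    print(parse_cpio(archive))
```

The resulting bytes can be written to a file and unpacked with `cpio -idm` by a process that is allowed to create those owners.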
