Improving How OpenStack Nova Runs Privileged Commands

By admin On Friday, November 25th, 2011 With 0 Comments

Thumbnail image for OpenStack logoOpenStack release manager Thierry Carrez examines OpenStack Nova’s current privilege model and how it’s being improved with the root_helper option.

Right now, OpenStack uses sudo to escalate privileges when it needs to run a root command. The problem with this, says Thierry, is that sudo doesn’t provide a way to efficiently filter commands, which could be used to exploit systems.

Sponsor

“As an example, the current nova_sudoers file contains commands like chown, kill, dd or tee, which are more than enough to compromise a target system completely,” says Thierry.

To fix this, Thierry worked on a filter that gives Nova a configurable “root helper.” By default, this is still sudo but it could be something else. The “something else” is what Thierry is working on now, and taking feedback as well.

The primary goals are:

  • Provide a command filter that checks arguments as well as commands run.
  • Provide a way to run as users other than root when root privileges aren’t necessary.
  • Separate filters by the type of node running Nova, as not all nodes need to run root commands at all.

Thierry is working on a Python based implementation of this, and looking for feedback on other necessary features. Any other features that Thierry should be looking at?

Discuss


Original post:
Improving How OpenStack Nova Runs Privileged Commands

Comments

comments

Powered by Facebook Comments

Related posts:

  1. Infographic: The State of OpenStack Adoption
  2. Rackspace delivers OpenStack for private clouds
  3. Is Rackspace Ready to Support Private Clouds?
  4. Improving Video Ads By Asking Simple Questions
  5. Verizon runs Galaxy Nexus ad with $199 price — still won’t let you buy
Tags: , , , , , , , , ,