White list external resources

Bug #1832387 reported by Chris Sanders
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
hw-health-charm
Fix Released
High
Alvaro Uria

Bug Description

The 3rd party resources that are user provided get installed in /usr/local/bin which presents the ability for any user with attach-resource to put arbitrary files on the system for root to run.

To mitigate this, a white list needs to be included for resource installation and only resources with a hash that matches the approved white list will be installed. Specifically sha256 has has been requested by an end user security team.

Related branches

Jeremy Lounder (jldev)
description: updated
Alvaro Uria (aluria)
Changed in hw-health-charm:
assignee: nobody → Alvaro Uria (aluria)
importance: Undecided → High
status: New → In Progress
Xav Paice (xavpaice)
Changed in hw-health-charm:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.