"Thomas Viehmann" <[EMAIL PROTECTED]> writes:

> Hi.
>
> Goswin von Brederlow ([EMAIL PROTECTED]) wrote:
> >Debix-imager
> >============
> >
> >Debix-imager is a setuid binary that allows a user to create a
> >loopback file, format it with the filesystem of his choice and install
> >the contents of a tar file or a debian system via debootstrap on it.
> >
> >The intention is to make it flexible enough for boot-floppies,
> >debian-installer and debix to create their bootfloppies, ramdisks and
> >live filesystems without needing root themselves.
> >
> >I'm looking for a sponsor that knows a bit about security.
> >boot-floppies and/or debian-installer experiences would be good too.
> >At the moment I'm using OCaml but a rewrite in C/C++ would be easy and
> >maybe cleaner. (Codesize 195 lines atm).
>
> Are you sure this (creating the filesystems) cannot be done entirely
> without root / suid programs? At least for debian-installer I had
> the impression that they get quite far with recent mtools/syslinux.

The mtools/syslinux is for the FAT bootfloppy. The ramdisk itself is
mounted loopback and needs root.

In Debix-imager the loopback file and filesystem are created as user (so
no luck specifying /etc/passwd as loopback file to DOS). But running
debootstrap wants to mount /proc and use chroot. Simulating that as
user would be possible but complex.

And lastly, installing files with user/group root and possibly
setuid/setgid in, say, xfs or reiserfs is not possible atm afaik. I know
that there are ext2/3 tools to put files into a loopback filesystem as
user but that would limit the FS options.

Regards,
Goswin
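
The point in the reply above, that the loopback file is created as the user so the privileged helper cannot be pointed at a file such as /etc/passwd, can be sketched in C. This is an added example, not code from Debix-imager (which the post says is written in OCaml); the function name `create_image_as_user`, the file mode and the image size are assumptions.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper for a setuid-root imager: create the image file using
 * the invoking user's identity. Returns an open fd, or -1 on failure. */
int create_image_as_user(const char *path, off_t size)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    int fd = -1;

    /* Drop the group first, while we still hold the privilege to do so. */
    if (setegid(getgid()) != 0)
        return -1;
    if (seteuid(getuid()) == 0) {
        /* The kernel now checks permissions against the user's ids, so a
         * path like /etc/passwd fails exactly as it would for the user.
         * O_EXCL refuses existing files and symlinks planted at the path. */
        fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
        if (fd >= 0 && ftruncate(fd, size) != 0) {
            close(fd);
            unlink(path);   /* still running as the user here */
            fd = -1;
        }
        /* Regain privileges for the later loop-mount step; fail closed. */
        if (seteuid(saved_euid) != 0)
            abort();
    }
    if (setegid(saved_egid) != 0)
        abort();
    return fd;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s IMAGE\n", argv[0]);
        return 2;
    }
    int fd = create_image_as_user(argv[1], 16 * 1024 * 1024); /* constructed size */
    if (fd < 0) {
        perror("create_image_as_user");
        return 1;
    }
    close(fd);
    return 0;
}
```

The returned descriptor, rather than the path, is what a privileged step should go on to use, so the file cannot be swapped between creation and attachment.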