Package: wnpp Severity: wishlist Owner: Simon McVittie <s...@debian.org> Control: affects -1 xdg-app
* Package name : bubblewrap Version : (no releases yet) Upstream Author : Colin Walters, Alex Larsson * URL : https://github.com/projectatomic/bubblewrap/ * License : LGPL-2+ Programming Lang: C Description : setuid wrapper for unprivileged chroot and namespace manipulation bubblewrap is a setuid wrapper tool with which unprivileged users can launch containers, using chroot and various Linux namespace features, without giving those users access to the full attack surface of user namespaces. --- bubblewrap is derived from xdg-app-helper in src:xdg-app, which is itself derived from linux-user-chroot. The next upstream version of xdg-app will replace xdg-app-helper with a private copy of bubblewrap as a git submodule; later versions are intended to use a system copy of bubblewrap, at least optionally. When bubblewrap has matured a bit and had some releases, it might make sense to treat it as superseding linux-user-chroot, possibly with a transitional package containing a script for command-line compatibility, so that the overall number of setuid-root things in the archive can reduce. (linux-user-chroot maintainer in X-Debbugs-Cc) I intend to maintain this in collab-maint, with pkg-utopia as the primary maintainer (unless some other team wants it). Co-maintainers and security audits welcome. S
