You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/tailfs
Percy Wegmann 232a2d627c tailfs: only impersonate unprivileged user if able to sudo -u as that user
When serving TailFS shares, tailscaled executes another tailscaled to act as a
file server. It attempts to execute this child process as an unprivileged user
using sudo -u. This is important to avoid accessing files as root, which would
result in potential privilege escalation.

Previously, tailscaled assumed that it was running as someone who can sudo -u,
and would fail if it was unable to sudo -u.

With this commit, if tailscaled is unable to sudo -u as the requested user, and
tailscaled is not running as root, then tailscaled executes the the file server
process under the same identity that ran tailscaled, since this is already an
unprivileged identity.

In the unlikely event that tailscaled is running as root but is unable to
sudo -u, it will refuse to run the child file server process in order to avoid
privilege escalation.

Updates tailscale/corp#16827

Signed-off-by: Percy Wegmann <percy@tailscale.com>
9 months ago
..
tailfsimpl tailfs: only impersonate unprivileged user if able to sudo -u as that user 9 months ago
local.go tailfs: clean up naming and package structure 10 months ago
remote.go ipn: include full tailfs shares in ipn notifications 9 months ago
remote_nonunix.go tailfs: initial implementation 10 months ago
remote_permissions.go tailfs: initial implementation 10 months ago
remote_permissions_test.go tailfs: initial implementation 10 months ago
remote_unix.go tailfs: initial implementation 10 months ago