Add another alternative. #57
Conversation
|
|
||
| ### `songdongsheng/su-exec` | ||
|
|
||
| [`songdongsheng/su-exec`](https://github.com/songdongsheng/su-exec) is another very minimal re-write of `gosu` in C, making for a much smaller binary, and safer than the [`ncopa/su-exec`](https://github.com/ncopa/su-exec). |
There was a problem hiding this comment.
You're definitely going to have to qualify this a bit; what do you mean by "safer"?
Have you run our existing test suite against it to verify compatibility?
Did you perhaps consider instead collaborating with ncopa on making his implementation better before creating your own in the same language with the same apparent set of goals? (He's a nice guy, and I'm sure would be open to improvement if there's something concrete.)
| As mentioned in `INSTALL.md`, [`su-exec`](https://github.com/ncopa/su-exec) is a very minimal re-write of `gosu` in C, making for a much smaller binary, and is available in the `main` Alpine package repository. | ||
| As mentioned in `INSTALL.md`, [`ncopa/su-exec`](https://github.com/ncopa/su-exec) is a very minimal re-write of `gosu` in C, making for a much smaller binary, and is available in the `main` Alpine package repository. | ||
|
|
||
| The ncopa's su-exec have critical bugs (or features), it will use root permission silently if invalid user-spec given ! |
There was a problem hiding this comment.
This line leads me to believe there's been a grave misunderstanding of the intended purpose / use case for gosu and su-exec.
The entire point of this project is for a Docker image to be able to start as root, and then use gosu to become non-root (to "step down", as it were). The way it does this is by using Docker's own user:group parsing code for Docker's --user flag (which comes from runc these days), and this is where the "empty string is root" edge case comes from.
There was a problem hiding this comment.
I'm agree "empty string is root", but "invalid string is root" is not acceptable. It will swallow typo or error configuration.
There was a problem hiding this comment.
Ah, great idea; let's add some false negatives to our test suite. FWIW, gosu has sane behavior here:
$ ./gosu-amd64 0day true
error: failed switching to "0day": unable to find user 0day: no matching entries in passwd file
$ echo $?
1Also, this is probably a simple fix to su-exec too (although it has been a bit since I looked at the code over there).
There was a problem hiding this comment.
|
Closing in favor of ncopa/su-exec#26. |
No description provided.