forked from rancher-sandbox/rancher-desktop
Privilege Escalation
Mark Yen edited this page Mar 7, 2022 · 2 revisions
Rancher Desktop needs to run as a privileged user for several tasks, most of them platform-specific:
- (Installer) Install WSL
- (Installer) Update WSL kernel
- Writing to `C:\Windows\system32\drivers\etc\hosts`
- Custom networking?
- Install `vde_vmnet` tools
- Run `vde_vmnet` tools (sudoers file)
- Create `/private/var/run/rancher-desktop-lima`
- This gets deleted every boot
- Use `/var/run` directly, with prefix?
- `/etc/paths.d` management
- Create docker socket symlink
- Self-updating of setuid helper
- Are the SUSE certs (per-dev) using the same cert?
- Create docker socket symlink
- Custom networking
- Privilege escalation is only needed at install time
- For macOS / Linux AppImage, this may be an optional component installed separately.
- The application can still run without privilege escalation with a reduced feature set.
- E.g. fall back to SLIRP-only networking on macOS.
- Only applicable on macOS / Linux
- Issues around conflicting sudoers configuration
- Not great for admin access
- macOS only
- Single prompt to install
- socket activation
- include which interface to use in the request?
- Convention seems to be to drop the executable in `/Library/PrivilegedHelperTools/`
- Maybe use SMJobBless instead?
- macOS/Linux: setuid binary
- Need to hard-code things, but should be safe with adequate checking
- Windows: privileged service
- Requires Administrator access to install
- Also need it for uninstall
- Needs to grant privilege escalation every time RD updates (new binary)
- Ignore Windows for now
- Make lima.ts fall back when no privileged access
- === release checkpoint here ===
- Temporarily introduce a (hidden) setting to disable privileged access
- Use a setuid helper on macOS / Linux
- Hack up lima to not use sudo
- Remove setting, check setuid bit on helper instead
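
The last step of the plan (check the setuid bit on the helper) combined with the fallback to SLIRP-only networking, sketched as an added TypeScript example; it is not Rancher Desktop's own code. The function names, problem labels and mode names are assumptions made for illustration.

```typescript
import * as fs from 'fs';

// Constructed names throughout: this is not Rancher Desktop code.
type HelperProblem =
  | 'missing' | 'not-regular-file' | 'not-root-owned'
  | 'not-setuid' | 'writable-by-others' | 'not-executable';
type NetworkMode = 'vde_vmnet' | 'slirp-only';

// The subset of fs.Stats the check needs, so it can be exercised with constructed values.
interface HelperStat { mode: number; uid: number; isFile: boolean }

const S_ISUID = 0o4000; // set-user-ID bit
const S_IWGRP = 0o020;  // group write
const S_IWOTH = 0o002;  // other write
const S_IXUSR = 0o100;  // owner execute

// Returns every reason the helper cannot be relied on; an empty list means usable.
function checkHelperStat(st: HelperStat): HelperProblem[] {
  const problems: HelperProblem[] = [];
  if (!st.isFile) problems.push('not-regular-file');
  // setuid only yields root when root owns the file.
  if (st.uid !== 0) problems.push('not-root-owned');
  if ((st.mode & S_ISUID) === 0) problems.push('not-setuid');
  // A helper that non-root users can modify should not be trusted.
  if ((st.mode & (S_IWGRP | S_IWOTH)) !== 0) problems.push('writable-by-others');
  if ((st.mode & S_IXUSR) === 0) problems.push('not-executable');
  return problems;
}

// lstat, not stat: a symlink at the helper path is reported as not-regular-file
// instead of being followed.
function inspectHelper(helperPath: string): HelperProblem[] {
  try {
    const st = fs.lstatSync(helperPath);
    return checkHelperStat({ mode: st.mode, uid: st.uid, isFile: st.isFile() });
  } catch {
    return ['missing'];
  }
}

// Reduced feature set when the helper is absent or fails any check.
function chooseNetworking(problems: HelperProblem[]): NetworkMode {
  return problems.length === 0 ? 'vde_vmnet' : 'slirp-only';
}
```

Returning the list of problems rather than a boolean lets the application log why it fell back to the reduced feature set.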