mkcomposefs: Document external sandboxing

Alternative to #358 which would have put some internal sandboxing. Signed-off-by: Colin Walters <[email protected]>
containers · Sep 26, 2024 · b012c28 · b012c28
1 parent 5ed1fb6
commit b012c28
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/man/mkcomposefs.md b/man/mkcomposefs.md
@@ -104,6 +104,23 @@ Format version history:
 The default if no version arguments are specified is version 0 and max
 version 1.
 
+# SANDBOXING RECOMMENDATIONS
+
+This tool essentially just processes an input directory or
+text file and writes a file. It does not require any privileges
+at all. If you are invoking this as part of an otherwise privileged
+process (such as a container runtime) we recommend dropping privileges
+before invoking `mkcomposefs`.
+
+Especially if you are using `--from-file`, you can run this
+as an unprivileged uid that has no writable filesystem access at
+all. An example simple sandboxing starting from root is
+`setpriv --nnp --reuid nobody -- mkcomposefs ...`.
+Another is to use `systemd-run -P DynamicUser=yes -P ProtectSystem=strict`.
+Yet another (especially if your code is already part of a container runtime)
+is to use that runtime's existing functionality (seccomp, unsharing user namespace,
+mounting a restricted subset of the rootfs, etc.
+
 # SEE ALSO
 **composefs-info(1)**, **mount.composefs(1)**, **composefs-dump(5)**