    Don't allow the desktop user to pass arguments to tails-upgrade-frontend (Closes: #7410) · df1f92f0
    Tails developers authored
    ... and accordingly update the design document and manual test suite steps.
    
    The tails-upgrade-frontend program is run as the tails-upgrade-frontend user,
    which is basically equivalent to root. Some of the available
    tails-upgrade-frontend options might be dangerous. I've looked at it quickly and
    didn't find anything scary, but still, it's simply not worth taking the risk of
    privilege escalation, persistent rootkit implementation, and so on.
    
    Strictly speaking, this change does not really belong to
    bugfix/7345-upgrade-from-iso-from-1.0-to-1.1, and could have been implemented
    separately. However, this branch introduces running as root a syslinux binary
    taken from the installed IUK, so it raised the flag that made me want to lock
    this down a bit more.
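An added example, not part of this commit or of Tails' own code: assuming the privilege boundary is a sudo rule (the commit message does not say which mechanism is used), this script classifies each command in sudoers-style rules by whether the caller may append arguments. The user name `desktopuser`, the `/usr/bin` path and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Classify every command in sudoers-style rules read from stdin:
#   ANY-ARGS  bare command path: the caller may append any arguments
#   NO-ARGS   command followed by "": sudo refuses every argument
#   FIXED     command followed by an explicit argument pattern
# Simplifications: one rule per line, no aliases, no line continuations,
# no escaped commas, and every line starting with '#' is treated as a comment.
classify_sudoers_args() {
    awk '
    /^[ \t]*(#|$)/    { next }                  # comments and blank lines
    /^[ \t]*Defaults/ { next }                  # settings, not rules
    {
        eq = index($0, "=")
        if (eq == 0) next
        spec = substr($0, eq + 1)
        sub(/^[ \t]*\([^)]*\)/, "", spec)       # drop the (runas) part
        n = split(spec, cmds, ",")
        for (i = 1; i <= n; i++) {
            c = cmds[i]
            while (sub(/^[ \t]*[A-Z_]+:/, "", c)) ;   # drop tags such as NOPASSWD:
            gsub(/^[ \t]+|[ \t]+$/, "", c)
            if (c == "") continue
            m = split(c, w, /[ \t]+/)
            if (m == 1)                         verdict = "ANY-ARGS"
            else if (m == 2 && w[2] == "\"\"")  verdict = "NO-ARGS"
            else                                verdict = "FIXED"
            print verdict, w[1]
        }
    }'
}

# Constructed sample rules (not the Tails sudoers file): the first leaves
# the argument list open, the second locks it down with "".
sample_rules() {
cat <<'EOF'
# constructed sample
desktopuser ALL = (tails-upgrade-frontend) NOPASSWD: /usr/bin/tails-upgrade-frontend
desktopuser ALL = (tails-upgrade-frontend) NOPASSWD: /usr/bin/tails-upgrade-frontend ""
EOF
}

sample_rules | classify_sudoers_args
```

Any `ANY-ARGS` line for a program that runs as a privileged user deserves the review the commit message describes: every option the program accepts becomes reachable from the unprivileged side.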
tails-upgrade-frontend-wrapper 1.94 KB