I’ve been looking at silver blue for the added security of an immutable os file system and containerized software. I see that there is an experimental feature called livefs that lets you make commits to ostree on a live system. Is there a way to disable this feature or compile wihtout it ? I’m curious as to what the security ramifications of this feature are. I’m brand new to the community. Thanks!
livefs is an experimental command that lets you apply package changes without a reboot. However I believe you need root to access it (IIRC it doesn’t even use polkit), so it’s not a huge security issue; with root access there are far more drastic things that could be done to the system.
@refi64 It makes sense that this is only a feature root can use. I realize that with root you could do other harm but a few questions from that:
- whats the point of the immutable file system
- what about permission escalations or bugs in the feature especially since its experimental
- what is the planned future of this feature?
- The point of the immutable filesystem is largely for atomic upgrades, if you have root you could still technically modify it even without rpm-ostree. root on unix systems is just a very, very powerful account…
- The feature definitely has bugs, but authentication is handled by polkit (used for privilege checks by many Linux apps) so the chances of escalations is pretty low.
- I have no idea.
Thanks so much for the reply