You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Yes, there's a potential security risk with apps that require the privileged: true flag. Granting this permission allows containers to bypass isolation mechanisms and essentially gain root access to the host system. This poses a significant security threat, especially when the app's image is maintained by a third-party, as future updates may introduce vulnerabilities.
Describe the solution you'd like
I propose adding a clear warning message on the App Store page for any application that requires the privileged: true permission. This message should inform users about the potential risks involved in running such apps and encourage them to carefully consider the implications before installation.
Describe alternatives you've considered
Manual review of privileged apps: Implementing a manual review process for apps requesting privileged access could help mitigate risks. However, this approach is not scalable and may introduce delays in app availability.
Sandboxing privileged apps: Exploring sandboxing techniques to limit the impact of potential vulnerabilities could be another option. However, this requires additional technical complexity and may not be feasible for all applications.
Additional context
In some image, while the current version is secure, future updates to the third-party image could introduce vulnerabilities, posing a risk to users and their systems. CasaOS/ZimaOS has a responsibility to inform users about these potential risks and promote transparency regarding app permissions.
The text was updated successfully, but these errors were encountered:
Cp0204
changed the title
[Security] Warn Users About Risks of Apps with privileged: true Permission
[Enhancement] Add Warning Message for Apps with privileged: true Permission
May 6, 2024
Is your feature request related to a problem? Please describe.
Yes, there's a potential security risk with apps that require the
privileged: true
flag. Granting this permission allows containers to bypass isolation mechanisms and essentially gain root access to the host system. This poses a significant security threat, especially when the app's image is maintained by a third-party, as future updates may introduce vulnerabilities.Describe the solution you'd like
I propose adding a clear warning message on the App Store page for any application that requires the
privileged: true
permission. This message should inform users about the potential risks involved in running such apps and encourage them to carefully consider the implications before installation.Describe alternatives you've considered
Additional context
In some image, while the current version is secure, future updates to the third-party image could introduce vulnerabilities, posing a risk to users and their systems. CasaOS/ZimaOS has a responsibility to inform users about these potential risks and promote transparency regarding app permissions.
The text was updated successfully, but these errors were encountered: