bubblewrap

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

License: OTHER
Downloads: 15
Stars: 3.7K
Committers: 62


bubblewrap - 0.9.0 Latest Release

Published by smcv 7 months ago

Build system

  • Building this version of bubblewrap with Meson is recommended. The source release bubblewrap-0.9.0.tar.xz no longer contains Autotools-generated files, although this version can still be built using Autotools after running ./autogen.sh. Future versions are likely to remove the Autotools build system altogether.

New features

  • Add --argv0 (#91)

Other enhancements

  • --symlink is now idempotent, meaning it succeeds if the symlink already exists and already has the desired target (#549, flatpak/flatpak#2387, flatpak/flatpak#3477, flatpak/flatpak#5255)
  • Clarify security considerations in documentation (#555, #560, #621)
  • Clarify documentation for --cap-add (#562)
  • Report a better error message if mount(2) fails with ENOSPC (#615, ValveSoftware/steam-runtime#637)
  • Make it easier to add new unit tests (#420)
  • Drop support for ancient Python versions in demo code

Bug fixes

  • Fix a double-close on error reading from --args, --seccomp or --add-seccomp-fd argument (#558)
  • Improve memory allocation behaviour (#556, #624)
  • Silence various compiler warnings (#559)
  • Silence an Automake warning (#622)
  • Fix a test failure when running as uid 0 in a container (#488)
  • Fix a test failure when /mnt is a symlink (#599)
  • Fix a test failure on NixOS (#603)
c6347eaced49ac0141996f46bba3b089e5e6ea4408bc1c43bab9f2d05dd094e1 *bubblewrap-0.9.0.tar.xz
bubblewrap - 0.8.0

Published by smcv over 1 year ago

New features:

  • Add --disable-userns option to prevent the sandbox from creating its own nested user namespace (#488)
  • Add --assert-userns-disabled option to check that an existing userns was created with --disable-userns (#488)
  • Give a clearer error message if the kernel doesn't have CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER (#550)

Bug fixes:

  • Fix test failure with recent versions of capsh (#544)
  • Fix test failure since 0.7.0 when not using post-2013 GNU coreutils (#539)
  • Fix test failure since 0.7.0 if bubblewrap is setuid (#539)

Known issues:

  • Tests fail if run as root (#554)
$ sha256sum -b bubblewrap-0.8.0.tar.xz
957ad1149db9033db88e988b12bcebe349a445e1efc8a9b59ad2939a113d333a *bubblewrap-0.8.0.tar.xz
bubblewrap - v0.7.0

Published by smcv almost 2 years ago

New features:

  • --size option controls the size of a subsequent --tmpfs (#509)
  • Better error messages if a mount operation fails (#472)
  • Better error message if creating the new user namespace fails with ENOSPC (#487)
  • When building as a Meson subproject, a RUNPATH can be set on the executable to make it easier to bundle its libcap dependency

Bug fixes:

  • When building with Autotools, ensure initial setup for pkg-config is not disabled by --with-bash-completion-dir=PATH (#316, #342, #441)
  • Fix test failures when running as uid 0 but with limited capabilities (#510)
  • Use POSIX command -v in preference to non-standard which (#527)
  • Fix a copy/paste error in --help (#531)
$ sha256sum -b bubblewrap-0.7.0.tar.xz
764ab7100bd037ea53d440d362e099d7a425966bc62d1f00ab26b8fbb882a9dc *bubblewrap-0.7.0.tar.xz
bubblewrap - 0.6.2

Published by smcv over 2 years ago

New features in Meson build:

  • Auto-detect whether the man page can be generated
  • -Dbwrapdir=... changes the installation directory (useful when being used as a subproject)
  • -Dtests=false disables unit tests

Bug fixes:

  • Add --add-seccomp-fd to shell completions
  • Document --add-seccomp-fd, --json-status-fd and --share-net in the man page
  • Add attributes to silence various compiler warnings
  • Allow compilation of tests with musl on mips architectures
  • Allow compilation with older glibc
  • Disable sanitizers for a test helper whose seccomp profile breaks the instrumentation
  • Disable AddressSanitizer leak detection where it interferes with unit testing
$ sha256sum -b bubblewrap-0.6.2.tar.xz
8a0ec802d1b3e956c5bb0a40a81c9ce0b055a31bf30a8efa547433603b8af20b *bubblewrap-0.6.2.tar.xz
bubblewrap - 0.6.1

Published by smcv over 2 years ago

  • Fix bwrap --version when built with Meson (#477)
  • Don't install zsh completion as executable when built with Meson
$ sha256sum -b bubblewrap-0.6.1.tar.xz
9609c7dc162bc68abc29abfab566934fdca37520a15ed01b675adcf3a4303282 *bubblewrap-0.6.1.tar.xz
bubblewrap - 0.6.0

Published by smcv over 2 years ago

New features:

  • New --add-seccomp option can be used to add more than one seccomp program (#453)
  • Add a warning when repeating options where only the last one will be used, in particular --seccomp (#454)
  • Add a Meson build system. (#432)
    • This can be used as a subproject by larger Meson projects. When used as a subproject, the -Dprogram_prefix option is required: see tests/use-as-subproject/ for an example.
    • There is no equivalent of the --with-priv-mode=setuid option in this build system. Distributions that still require a setuid bubblewrap executable will need to chown and chmod the executable appropriately as a separate step in their packaging.
    • The Autotools build system is still supported in this release, but might be removed in a future release if the Meson build system is sufficiently successful.

Bug fixes:

  • Invoke bash via PATH for better compatibility with non-FHS operating systems
  • Exit early when argc == 0, to harden against the equivalent of CVE-2021-4034 (this is not a security issue in our case)

Other changes:

  • The default branch is now named main
  • Partial REUSE support (add SPDX-License-Identifier to many source files)
  • Remove old CI integration
$ sha256sum -b bubblewrap-0.6.0.tar.xz
11393cf2058f22e6a6c6e9cca3c85ff4c4239806cb28fee657c62a544df35693 *bubblewrap-0.6.0.tar.xz
bubblewrap - Release 0.5.0

Published by smcv about 3 years ago

New features:

  • --chmod changes permissions
  • --clearenv unsets every environment variable (except PWD)
  • --perms sets permissions for one subsequent --bind-data, --dir, --file, --ro-bind-data or --tmpfs

Other enhancements:

  • Better diagnostics when a --bind or other bind-mount fails
  • zsh tab-completion
  • Better test coverage

Bug fixes:

  • Use Python 3 for tests and examples
  • Mount points for non-directories are created with permissions -r--r--r-- instead of -rw-rw-rw-
  • Don't remount items in /proc read-only if already EROFS, required to run under Docker
  • Allow mounting a non-directory over an existing non-directory, e.g. --bind "$XDG_RUNTIME_DIR/my-log-socket" /dev/log
  • Silence kernel messages for our bind-mounts
  • Make sure pkg-config is checked for, regardless of build options
  • Improve ability to bind-mount directories on case-insensitive filesystems
  • Fix -Wshadow warnings
  • Fix deprecation warnings with newer SELinux
$ sha256sum -b bubblewrap-0.5.0.tar.xz
16fdaf33799d63104e347e0133f909196fe90d0c50515d010bcb422eb5a00818 *bubblewrap-0.5.0.tar.xz
bubblewrap - Release 0.4.1

Published by alexlarsson over 4 years ago

This release fixes a privilege escalation bug pointed out by Stephen Röttger, where in some setups
bubblewrap can be used to gain root permissions. Only version 0.4.0 is vulnerable, and only
if installed setuid while at the same time the kernel supports unprivileged user namespaces.
More details in the advisory here:

https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj

Additionally there are some minor changes:

  • Always clear the capability bounding set (cosmetic issue)
  • Make the tests work with libcap >= 2.29
  • Properly report child exit status in some cases

Alexander Larsson (9):
      Ensure we're always clearing the cap bounding set
      Don't rely on geteuid() to know when to switch back from setuid root
      Don't support --userns2 in setuid mode
      drop_privs: More explicit argument name

Christian Kastner (1):
      tests: Update output patterns for libcap >= 2.29

Jean-Baptiste BESNARD (1):
      retcode: fix return code with syncfd and no event_fd

TomSweeneyRedHat (1):
      Add Code of Conduct

bubblewrap - Release 0.4.0

Published by alexlarsson almost 5 years ago

The biggest feature in this release is the support for joining
existing user and pid namespaces. This doesn't work in the setuid
mode (at the moment).

Other changes:

  • Stores namespace info in status json
  • In setuid mode pid 1 is now marked dumpable
  • Now builds with musl libc

Alexander Larsson (17):
      Tests: Fix test count
      setuid mode: Properly drop privs in monitor and pid1
      Mark init process as dumpable so we can see stuff in its /proc
      Add support for --userns and --userns2
      tests: test --userns
      utils: Add some utility function to pass pids over a socket
      utils: Add fork_intermediate_child() helper
      Add support for --pidns
      Add tests for --pidns
      tests: Better error message if assert_files_equal fails
      Fix typo in comment
      Drop cap bounding set also in --userns case
      Allow --uid and --gid with --userns
      tests: Fix --userns tests
      --userns --uid: Only switch user if needed
      Merge pull request #338 from containers/reuse-namespaces
      Bump 0.4.0

Christian Kellner (3):
      bwrap: set opt_unshare_cgroup when _try succeeds
      bwrap: include the pid namespace id in status/json
      tests: check namespace info in json

Colin Walters (1):
      Post-release version bump

Jonathan Lebon (1):
      ci: Bump to fedora/29/atomic

shawrkbait (1):
      Add work-around for TEMP_FAILURE_RETRY to support musl

Git-EVTag-v0-SHA512: d3f07f58b50c579b27470722edfc87b741465ca37ff4d40c9f715d610a69a80a6e6035a0dee678158c1dd77edb0b06bed3ffd6393a784d4ed975c092eb151952

bubblewrap - 0.3.3

Published by cgwalters over 5 years ago

(This release is the same as 0.3.2 but the version number in configure.ac
was accidentally still set to 0.3.1)

This release fixes a mostly theoretical security issue in unusual/broken
setups where $XDG_RUNTIME_DIR is unset.

There are some other smaller fixes, as well as an addition to the JSON
API that allows reading the inner process exit code, separately from
the bwrap exit code.

Thanks to all contributors!

Iain Lane (1):
      tests: Handle systems without merged-/usr

Jakub Wilk (2):
      Fix typos
      Print "Out of memory" on stderr, not stdout

Richard Maw (3):
      Revert "README.md: Delete cat logo picture (not DFSG compliant)"
      bwrap: add option json-status-fd to show child exit code
      bwrap: Report COMMAND exit code in json-status-fd

Simon McVittie (3):
      man page: Describe --chdir, not nonexistent --cwd
      Don't create our own temporary mount point for pivot_root
      tests: Ensure that tmpfs with oldroot/newroot doesn't appear in container

Timothy E Baldwin (1):
      Make lockdata long enough on 32-bit with 64-bit file pointers.

Git-EVTag-v0-SHA512: 1320cc04e853be996e6fa53fb3e472f732ac02855ab05984fa3350aed1d8760fc3b9eac0e6af06843a1f6265afe424e042c937d64606ef2eb29ec53a3539c217

bubblewrap - Release 0.3.1

Published by alexlarsson about 6 years ago

New feature in this release is --bind-try (as well as --dev-bind-try
and --ro-bind-try) which works like the regular versions if the source
exists, but does nothing if it doesn't exist.

The mount type for the root tmpfs was also changed to "tmpfs" instead
of being empty, as the latter could cause problems for some programs
when parsing the mountinfo files in /proc.

Alexander Larsson (1 PR, 1 commit)
  Post-release version bump to 0.3.1 (#285)

Colin Walters (1 PR, 1 commit)
  Use "tmpfs" instead of empty string for mount (#278)

Patrick Griffis (1 PR, 1 commit)
  Add --bind-try options (#283)

chocolateboy (1 PR, 1 commit)
  Fix doc typo (#280)

bubblewrap - 0.3.0

Published by cgwalters over 6 years ago

The biggest feature from this release is that bwrap
now supports being invoked recursively (from other container
runtimes such as Docker/podman/runc as well as bwrap itself)
when user namespaces are enabled, and the outer container manager
allows it (Docker's default seccomp policy doesn't).

This is useful for testing scenarios; for example, a project
uses Kubernetes for its CI, but inside the build it wants to run
each unit test in its own pid namespace, without going out
and creating a new pod for every single unit test.

Similarly, rpm-ostree compose tree uses bwrap internally for scripts,
and we want to support running rpm-ostree inside a container as well.

Another feature is that bwrap now supports -- to terminate argument
parsing. To detect availability of this, you could parse bwrap --version.

Thanks to all contributors!

Colin Walters (3 PRs, 3 commits)
  ci: Update to FAH27 (#262)
  Release 0.3.0 (#277)
  PR: #256
    Use pivot_root() instead of chroot() for final root
    (and 2 commits from other authors)

Giuseppe Scrivano (1 PR, 2 commits)
  PR: #256
    bwrap, pivot_root: do not require write access to the rootfs
    bwrap: do not always make /proc/{sys,sysrq-trigger,irq} ro
    (and 1 commits from other authors)

Olivier Blin (1 PR, 1 commit)
  Fix leak detected by LSan/ASan (#271)

Simon McVittie (1 PR, 1 commit)
  Add "--" pseudo-argument to end option parsing (#261)


Git-EVTag-v0-SHA512: 2acf37a4a482f4fcde5ff3ec7c0e04e7b7971d1da8c542b5b1a3284deb983ad8c879975e9e360f8da428d5f4ce0b451acdcba9d45c4c9488f6660f177eb5dd04

bubblewrap - Release 0.2.1

Published by alexlarsson over 6 years ago

This is a minor release with some fixes and cleanups.

We now distribute all the demos in the tarball, and there were some
fixes to make them work on more distributions and with different
versions of python.

There was an issue with mkdir when running bubblewrap on an NFS
filesystem that has been fixed, so flatpak now works on NFS shares.

Some leaks have been fixed, including a file descriptor leak.

bubblewrap now builds on systems without PR_CAP_AMBIENT.

Alexander Larsson (2):
      Don't rely on mkdir returning EEXISTS (fixing NFS)
      Release 0.2.1

Marcos Paulo de Souza (2):
      Remove O_RDONLY flag when O_PATH is used
      README.md: Remove double dots

Mickaël Salaün (1):
      bubblewrap: Do not leak FDs dedicated to setup_newroot

Philip Withnall (2):
      tests: Correct number of tests in test-run.sh
      bwrap: Second attempt at fixing an argv handling leak

Simon McVittie (5):
      build: Include various interesting files in tarballs
      Skip prctl(PR_CAP_AMBIENT) if PR_CAP_AMBIENT isn't defined
      userns-block-fd: Search $PATH for python
      userns-block-fd: Search the PATH for bwrap
      userns-block-fd: Add support for Python 3

bubblewrap - Release 0.2.0

Published by cgwalters about 7 years ago

Some new features in this release, and a variety of contributors, which is
always great to see!

On the bugfix side: bwrap now automatically detects the new
user namespace restrictions in Red Hat Enterprise Linux 7.4:
bubblewrap: check for max_user_namespaces == 0.
PR: https://github.com/projectatomic/bubblewrap/pull/215

The most notable features are the new arguments --as-pid1 and
--cap-add/--cap-drop. These were added for running systemd (or in general a
"full" init system) inside bubblewrap. But the capability options are also
useful for unprivileged callers to potentially retain capabilities inside the
sandbox (for example CAP_NET_ADMIN), when user namespaces are enabled.
Conversely, privileged callers (uid 0) can drop capabilities (without
user namespaces). Contributed by Giuseppe Scrivano.
PR: https://github.com/projectatomic/bubblewrap/pull/101

Another smaller feature is: With --dev, add /dev/fd and /dev/core symlinks
which should improve compatibility with older software.
PR: https://github.com/projectatomic/bubblewrap/pull/207

Philip Withnall ran bwrap through Coverity; no critical issues
were found, but changes were made to pacify the analysis and we'll
be sure to keep the analyzer happy in the future.

Thanks in particular to Simon McVittie who contributed a lot of improvements
to the test suite, code review, as well as identified an issue with the
licensing of the logo.

Thanks to all contributors!

Alexander Larsson (1):
      Merge pull request #196 from giuseppe/no-reaper

Colin Walters (9):
      demos/shell: Use --die-with-parent
      main: Squash a -Wunused-result error, enable FORTIFY_SOURCE in CI
      tests: Import libtest-core.sh from ostree
      README.md: Delete cat logo picture (not DFSG compliant)
      Retain all caps when invoked by uid 0, work around systemd seccomp filter
      main: Fix typo, tweak command line argument descriptions
      With --dev, add /dev/fd and /dev/core symlinks
      Avoid leaking --args-fd to child process
      Release 0.2.0

Giuseppe Scrivano (8):
      bubblewrap: add --as-pid-1
      bubblewrap: add --cap-add and --cap-drop
      bubblewrap: add option --userns-block-fd
      demos: add demo userns-block-fd.py
      bubblewrap.c: fix typo
      bubblewrap: do not always leave caps in the unprivileged case
      tests: add tests for --cap-add
      README.md: add bwrap-oci to the list of users

Jonathan Lebon (1):
      ci: rename files to new name and bump to f26

Marcos Paulo de Souza (3):
      bubblewrap: Remove not needed MS_MGC_VAL mount flag
      bubblewrap.c: Fix typo secomp -> seccomp in drop_all_caps
      acquire_privs: Cosmetic change to reduce indentation

Philip Withnall (4):
      bubblewrap: Improve const-correctness of argv handling
      bubblewrap: Fix a minor memory leak in --args handling
      bubblewrap: Close FDs on exiting PID 1
      bubblewrap: Add various assertions on SetupOp handling

Simon McVittie (10):
      Distribute test helper library
      tests: Don't write to predictable filenames in /tmp
      tests: Improve diagnostics if non-root caps test fails
      tests: Send diagnostics to stderr
      tests: Interpret stdout as TAP syntax
      tests: Produce finer-grained TAP output
      tests: Ensure non-root users have access to libcap tools
      Partially revert "bubblewrap: Fix a minor memory leak in --args handling"
      tests: Add basic test coverage for --args
      tests: Fix a race condition between attempts to lock a file

Tristan Cacqueray (1):
      bubblewrap: check for max_user_namespaces == 0

Vasya Novikov (4):
      add --unshare-all completion
      bash completion: remove duplicates
      bash completion: fix code style
      bash completion: add --new-session

Vladimir Panteleev (1):
      Prefix error messages with program name

Git-EVTag-v0-SHA512: 6eafa80a60be2cd66396ab7d4a36e7c6c24ed0b0d8dc207ecee6252e7d45f04fd04e1997c60218f0bb8b90e60ee80ed46cc7d8b521b08cb1ba4450440ee646cf

bubblewrap - 0.1.8

Published by cgwalters over 7 years ago

This release has a new notable feature in --die-with-parent,
which is based on the Linux prctl(PR_SET_PDEATHSIG) API.
I suspect most users of bwrap probably want to use this - if
for example if you run bwrap ... make check, this will help
ensure that no processes leak from the test suite.

Besides that, there's mostly a collection of smaller bugfixes.

Thanks to all contributors!

Aidan Hobson Sayers (2):
      Remove privileged_op flags that are never used
      Correctly validate remount-ro argument

Aleksa Sarai (1):
      README: update references to runC

Colin Walters (8):
      build: Remove unbalanced ) in help message
      tests: Use --unshare-user-try
      ci: Revamp to actually run the tests
      Be more informative if loopback setup fails
      tests: Fold test-basic.sh into test-run.sh
      ci: Disable ASAN leak checking
      main: Parse --version early before acquiring capabilities
      Release 0.1.8

Giuseppe Scrivano (1):
      test-run.sh: fix the path for the usage string

Marek Jarycki (1):
      Add --die-with-parent

Mario Sanchez Prada (1):
      Ignore EPERM when dropping caps from bounding set

Tristan Cacqueray (1):
      Ignore missing sysrq-trigger file

valoq (2):
      Add --require-userns build option for setuid mode
      Added --unshare-all to manpage


Git-EVTag-v0-SHA512: f5e3aa406f46241b83a0174a390048820d2040e35fba0b5a9d68bb634e3b6799205b9f854b99fa0cca05148752c8f4d255747023eaf4d5cd903f0da5d4905334
bubblewrap - Release 0.1.7 (CVE-2017-5226)

Published by alexlarsson almost 8 years ago

This release backs out the change in 0.1.6 which unconditionally
called setsid() in order to fix a security issue with TIOCSTI, aka
CVE-2017-5226. That change caused some behavioural issues that are
hard to work with in some cases. For instance, it makes shell job
control not work for the bwrap command.

Instead there is now a new option --new-session which works like
0.1.6. It is recommended that you use this if possible, but if not we
recommend that you neutralize this some other way, for instance
using seccomp, which is what flatpak does:

https://github.com/flatpak/flatpak/commit/902fb713990a8f968ea4350c7c2a27ff46f1a6c4

In order to make it easy to create maximally safe sandboxes we have
also added a new commandline switch called --unshare-all. It unshares
all possible namespaces and is currently equivalent with:

--unshare-user-try --unshare-ipc --unshare-pid --unshare-net
--unshare-uts --unshare-cgroup-try

However, the intent is that as new namespaces are added to the kernel they will
be added to this list. Additionally, if --share-net is specified the network
namespace is not unshared.

This release also has some bugfixes:

  • bwrap reaps (unexpected) children that are inherited from the
    parent, something which can happen if bwrap is part of a shell
    pipeline.
  • bwrap clears the capability bounding set. The permitted
    capabilities were already empty, and use of PR_NO_NEW_PRIVS should
    make it impossible to increase the capabilities, but more
    layers of protection are better.
  • The seccomp filter is now installed at the very end of bwrap, which
    means the filter only has to permit the minimal set of system calls
    bwrap itself still needs. Any bwrap seccomp filter must at least
    allow: execve, waitpid and write

Alexander Larsson (7):
      Handle inherited children dying
      Clear capability bounding set
      Make the call to setsid() optional, with --new-session
      demos/bubblewrap-shell.sh: Unshare all namespaces
      Call setsid() and setexeccon() before forking the init monitor
      Install seccomp filter at the very end
      Bump version to 0.1.7

Colin Walters (6):
      Release 0.1.6
      man: Correct namespace user -> mount
      demo/shell: Add /var/tmp compat symlink, tweak PS1, add more docs
      Release 0.1.6
      ci: Combine ASAN and UBSAN
      Add --unshare-all and --share-net
$ sha256sum bubblewrap-0.1.7.tar.xz
e98c1c1c0d353765e62e17b17913d21cce585eda8093cbdf17977377eee5e3de  bubblewrap-0.1.7.tar.xz
bubblewrap - 0.1.6

Published by cgwalters almost 8 years ago

This fixes a security issue with TIOCSTI, aka CVE-2017-5226. Note bubblewrap is
far from the only program that has this issue, and I think the best fix is
probably in the kernel to support disabling this ioctl.

Programs can also work around this by calling setsid() on their own in an exec
handler before doing an execvp("bwrap").

Git-EVTag-v0-SHA512: aea2bc21fa6194f7d5c4eaf7294dd35e4434616678d2f79c1e9044aca063bf77db199b1030628ced2eb7d3a33d6a6419047e32ea7891be396d9ddb50a7b1f745
bubblewrap - Release 0.1.5

Published by alexlarsson almost 8 years ago

This is a bugfix release, here are the major changes:

  • Running bubblewrap as root now works again
  • Various fixes for the testsuite
  • Use same default compiler warnings as ostree
  • Handle errors resolving symlinks during bind mounts

Alexander Larsson (2):
      bind-mount: Check for errors in realpath()
      Bump version to 0.1.5

Colin Walters (6):
      Don't call capset() unless we need to
      Only --unshare-user automatically if we're not root
      ci: Modernize a bit, add f25-ubsan
      README.md: Update with better one liner and more information
      utils: Add __attribute__((printf)) to die()
      build: Sync default warning -> error set from ostree

Simon McVittie (4):
      test-run: be a bash script
      test-run: don't assume we are uid 1000
      Adapt tests so they can be run against installed binaries
      Fix incorrect nesting of backticks when finding a FUSE mount

Git-EVTag-v0-SHA512: ea9673ef5b2df92a216da69ef5589dfd465175bc56feedafd126d0ab2e40f3183974de2c67c92f96470c749f91d4f9f55483cea54030cf35890ed4de18ca952f

$ sha256sum bubblewrap-0.1.5.tar.xz
a623489a31c0bc6e32ebfef8e55cde16cc0b5d042e5e645e215fda0fb7ec4aad  bubblewrap-0.1.5.tar.xz
bubblewrap - Release 0.1.4

Published by alexlarsson almost 8 years ago

This release contains a workaround for the kernel allowing the user
to ptrace any process in the child user namespace. Prior to this
workaround the user could attach to the setup code in bubblewrap
and take control while the child still had full privileges in
the user namespace (it could never get more privileges in the
parent namespace though). With the workaround, we're now true
to the README in that bubblewrap only allows a subset of the
user namespace features.

In order to fix the above we had to drop the support for a set-caps
binary. We now only support setuid 0 (or unprivileged if the kernel
has such user namespace support).

Additionally this release fixes the handling of recursive bind mounts
flags where previously we sometimes failed to handle some uncommon
setups. If you were unable to start bwrap before due to mount errors
this should now be fixed.

Alexander Larsson (11):
      Don't print double errors in case privileged helper dies
      Priv-sep: Don't trust client args for REMOUNT_RO_NO_RECURSIVE
      Add test with basic running operations
      Completely drop setcaps codepaths in favour of setuid
      Work around user-namespaces allowing ptrace
      utils: Add path_equal()
      bind-mounts: Fix handling of covered mountpoints
      tests/test-run.sh: Add some more tests that now work
      bind-mount: Fix issue when destination of mount is in a symlink
      Fix make dist
      Release 0.1.4

Colin Walters (2):
      .redhat-ci.yml: New file
      build: Dist bwrap.xml in tarball

Giuseppe Scrivano (3):
      bwrap: setuid to the sandbox uid
      bwrap: fix typos
      bubblewrap: do not leave zombie process

Git-EVTag-v0-SHA512: 55e170e25eee5f3c8eb947c1532bd7d9dffe74277b9964a28b0bc184800da3d904282668ced54a2bff53c3d9811b40435d8b1db30b5eab610fa85a0954ed20bf

bubblewrap - Release 0.1.3 (fixes CVE-2016-8659)

Published by cgwalters about 8 years ago

This release fixes CVE-2016-8659: https://github.com/projectatomic/bubblewrap/issues/107
which is a local privilege escalation that applies when
bubblewrap is installed with suid or file capabilities. This
vulnerability does not apply for systems/distributions which
unconditionally enable CLONE_NEWUSER access for unprivileged
users, as e.g. Fedora 24 and newer (as of this writing) do.

However, this will apply to systems such as CentOS/RHEL 7, Debian
stable, Arch, etc. that use bubblewrap as a gating mechanism for
container/app tooling like Flatpak.

The bubblewrap authors wish to thank Sebastian Krahmer, who
has found and responsibly reported many security issues over
time, including this one.

At this time, the bubblewrap authors still believe the codebase is a
sensible option for systems/distributions which don't want to enable
full CLONE_NEWUSER. However, the upstream kernel has improved, and
continues to do so. It's likely at some point in the future that
bubblewrap will evolve more flexibility around gating access to
CLONE_NEWUSER, such as only allowing it for logged in human users,
not background daemons.

Alexander Larsson (3):
      Move commandline args to top of the file
      Don't allow setting hostname if not unsharing UTS namespace
      Only set DUMPABLE when we need it (i.e. in user namespace child)

Bill Nottingham (1):
      Fix capability list in spec file.

Colin Walters (1):
      Release 0.1.3

Kenton Varda (1):
      Make notes on sandstorm.io somewhat more accurate

Git-EVTag-v0-SHA512: 47f77d675735c9ad7f134ac996843b8a6889be9a6a925d586ecc6a4138d2d8d35d1270da04198f09c69434be42a85319b4b763e45ac97e0fce9a961535567c99
