keylime-agent.conf should default to run_as = keylime:tss #439

kkaarreell · 2022-08-23T06:23:53Z

Rust agent should be dropping privileges by default, making it more secure.
While Python agent has run_as = we should strive for more secure defaults for the rust agent.

The text was updated successfully, but these errors were encountered:

kkaarreell · 2022-08-23T09:17:11Z

I am sorry, I got confused by Fedora defaults and falsely assumed that Python agent uses keylime:tss. I have therefore updated the issue description.

ansasaki · 2022-09-21T11:30:43Z

This was fixed by #449
The new default for run_as is keylime:tss

kkaarreell changed the title ~~keylime-agent.conf should default to run_as = keylime~~ keylime-agent.conf should default to run_as = keylime:tss Aug 23, 2022

ansasaki closed this as completed Sep 21, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

keylime-agent.conf should default to run_as = keylime:tss #439

keylime-agent.conf should default to run_as = keylime:tss #439

kkaarreell commented Aug 23, 2022 •

edited

Loading

kkaarreell commented Aug 23, 2022

ansasaki commented Sep 21, 2022

keylime-agent.conf should default to run_as = keylime:tss #439

keylime-agent.conf should default to run_as = keylime:tss #439

Comments

kkaarreell commented Aug 23, 2022 • edited Loading

kkaarreell commented Aug 23, 2022

ansasaki commented Sep 21, 2022

kkaarreell commented Aug 23, 2022 •

edited

Loading