You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/deployment-modes.md
+18-5Lines changed: 18 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -58,9 +58,22 @@ csc run contract.json policy.yaml \
58
58
### Requirements
59
59
60
60
- Linux only (rejects other platforms at startup)
61
-
-`bwrap`, `setpriv`, `prlimit` must be on PATH
62
-
- Receipt signing is mandatory (`--sign --signing-key --key-id`)
63
-
- Container should be started with `--network=none` for host-level isolation
61
+
-`bwrap`, `setpriv`, and `prlimit` must be on `PATH`
62
+
- Receipt signing is mandatory in hardened mode (`--sign --signing-key --key-id`)
63
+
- For the tested containerized deployment shape, the outer container should be started with `--network=none` as host-level defense in depth
64
+
65
+
### Runtime Prerequisites
66
+
67
+
Hardened mode requires a **compatible Linux runtime**. Not all Linux environments support the namespace operations that bubblewrap requires.
68
+
69
+
-**User namespaces** must be available to the runtime
70
+
-**Some Ubuntu/AppArmor-restricted environments** may block `bwrap --unshare-net` with errors such as `RTM_NEWADDR: Operation not permitted`
71
+
-**Restrictive seccomp profiles** may prevent namespace creation
72
+
-**Container runtimes** must allow the namespace features bubblewrap uses; not all Docker/Podman configurations do so by default
73
+
74
+
If `bwrap --unshare-net` is blocked by the host or runtime, that environment is **not currently supported** for hardened mode.
75
+
76
+
The shipped Docker image and CI workflow document the tested configuration. Deployments outside that configuration require operator verification.
64
77
65
78
### What It Provides
66
79
@@ -147,7 +160,7 @@ The pilot claim is bounded: **Linux, filesystem-bounded local/CI execution, no n
147
160
148
161
### Container runtime dependency
149
162
150
-
bubblewrap requires the host/container runtime to support the namespace features it uses. Restrictive seccomp profiles or disabled user namespaces can prevent bwrap from functioning. The hardened pilot is tested against the shipped container image only.
163
+
bubblewrap requires the host/container runtime to support the namespace features it uses. Some Ubuntu/AppArmor-restricted environments, restrictive seccomp profiles, or disabled user namespaces can prevent bwrap from functioning. If `bwrap --unshare-net` fails, that environment is not supported for hardened mode. The hardened pilot is tested against the shipped container image and CI workflow only.
151
164
152
165
### Approval replay prevention is process-local
153
166
@@ -161,4 +174,4 @@ A signed receipt proves integrity and signer identity. It does not by itself pro
161
174
162
175
> CSC hardened mode is safe enough for bounded production use in Linux-based, filesystem-bounded local/CI execution workflows without network access, under the documented trust assumptions and deployment constraints.
163
176
164
-
This claim applies only to the tested container image running in hardened mode with `--network=none`. It does not extend to arbitrary Linux hosts, other operating systems, or deployment configurations not covered by the integration test suite.
177
+
This claim applies only to the tested container image and CI workflow configuration. It does not extend to arbitrary Linux hosts, other operating systems, or deployment configurations not covered by the integration test suite.
0 commit comments