[ubuntu-hardened] Overlayfs over Fuse Privilege Escalation in USERNS.

Tyler Hicks tyhicks at canonical.com
Thu Mar 3 17:52:08 UTC 2016


On 2016-03-03 17:57:30, daniel curtis wrote:
> Hello Seth and Steve
> 
> Thank you both for the answers and explanation. It's pretty interesting
> that an older Linux kernel seems to be more secure than newer releases,
> etc. But as Steve wrote: "The thing that makes these issues exploitable is
> that the kernel in Ubuntu 14.04 and newer supports unprivileged user
> namespaces (...)".

It would be wrong to think that a software project only becomes more
secure over time. That's especially true for a project that receives as
much active development as the Linux kernel. New features are being
continually added and some of those features may unintentionally, or
sometimes intentionally, weaken the security stance of the project.

In this case, a new feature provided new attack vectors that
unintentionally introduced a couple flaws.

Tyler