[Bug 1244635] Re: setuid executables in a container may compromise security on the host
Launchpad Bug Tracker
1244635 at bugs.launchpad.net
Tue Nov 5 16:14:03 UTC 2013
This bug was fixed in the package lxc - 0.8.0~rc1-4ubuntu39.12.10.5
---------------
lxc (0.8.0~rc1-4ubuntu39.12.10.5) quantal-proposed; urgency=low
* add mkdir before chown of /var/{lib,cache}/lxc to avoid build
failure.
lxc (0.8.0~rc1-4ubuntu39.12.10.4) quantal-proposed; urgency=low
* debian/rules and debian/lxc.postinst: set /var/lib/lxc and /var/cache/lxc
to be perms 700. That prevents unprivileged users from running setuid-root
applications. Install that way by default, and for any previous versions,
update the permissions. After this version, respect the user's choice.
(LP: #1244635)
* 0312-ubuntu-Improper-pty-permissions.patch: fix permissions with which
devpts is mounted in containers. (LP: #1242913)
-- Serge Hallyn <serge.hallyn at ubuntu.com> Tue, 29 Oct 2013 23:17:06 -0500
** Changed in: lxc (Ubuntu Quantal)
Status: Fix Committed => Fix Released
** Changed in: lxc (Ubuntu Raring)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1244635
Title:
setuid executables in a container may compromise security on the host
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1244635/+subscriptions
More information about the Ubuntu-server-bugs
mailing list