[Bug 1244635] Re: setuid executables in a container may compromise security on the host
Serge Hallyn
1244635 at bugs.launchpad.net
Fri Oct 25 21:11:42 UTC 2013
Thanks for pointing this out. I don't believe it would be a serious
loss of functionality to chmod 0700 /var/lib/lxc. I also don't feel
that this is a high priority bug since, so far, we do not recommend
allowing unprivileged users to use containers. So I think a regular
update in trusty with SRUs to all previous releases is ok.
** Changed in: lxc (Ubuntu)
Importance: Undecided => Medium
** Changed in: lxc (Ubuntu)
Status: New => Triaged
** Also affects: lxc (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: lxc (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: lxc (Ubuntu Saucy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1244635
Title:
setuid executables in a container may compromise security on the host
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1244635/+subscriptions
More information about the Ubuntu-server-bugs
mailing list