[Touch-packages] [Bug 1569462] [NEW] Isolation of container user and global user needed

[naisanza]

Public bug reported:

When creating a new container, and creating a new user within the
container, if the new user has the same id and gid as a global user, the
processes created within the container are owned by that global user.

This causes unexpected ownership of container processes by users of the
global zone, which shouldn't happen. Processes spawned from a container
zone should be isolated from the global zone users.


Ubuntu Release:

root@lxc:~# lsb_release -rd
Description:    Ubuntu Xenial Xerus (development branch)
Release:        16.04


Package Version:

root@lxc:~# apt-cache policy lxc
lxc:
  Installed: 2.0.0~rc15-0ubuntu1
  Candidate: 2.0.0-0ubuntu1
  Version table:
     2.0.0-0ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu xenial/main i386 Packages
 *** 2.0.0~rc15-0ubuntu1 100
        100 /var/lib/dpkg/status

** Affects: lxc (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: xenial

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1569462

Title:
  Isolation of container user and global user needed

Status in lxc package in Ubuntu:
  New

Bug description:
  When creating a new container, and creating a new user within the
  container, if the new user has the same id and gid as a global user,
  the processes created within the container are owned by that global
  user.

  This causes unexpected ownership of container processes by users of
  the global zone, which shouldn't happen. Processes spawned from a
  container zone should be isolated from the global zone users.

  
  Ubuntu Release:

  root@lxc:~# lsb_release -rd
  Description:  Ubuntu Xenial Xerus (development branch)
  Release:      16.04

  
  Package Version:

  root@lxc:~# apt-cache policy lxc
  lxc:
    Installed: 2.0.0~rc15-0ubuntu1
    Candidate: 2.0.0-0ubuntu1
    Version table:
       2.0.0-0ubuntu1 500
          500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
          500 http://us.archive.ubuntu.com/ubuntu xenial/main i386 Packages
   *** 2.0.0~rc15-0ubuntu1 100
          100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1569462/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp