I reviewed lxc 0.9.0-0ubuntu18 as checked into saucy. This is not a complete security audit but only a quick gauge of code cleanliness.
I previously reviewed lxc (0.9.0~rc1-0ubuntu3), details here: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/509647/comments/4 The code quality of the Python bindings has improved drastically. The lock ordering with lxc_container_free() has been addressed. Well done on both counts. Many of the less-important problems I found are still available to be fixed (an opportunity for someone who is looking to get started in contributing to Ubuntu, perhaps) but one issue remains that is still a blocker for main: most binaries are lacking one or more of the security hardening tools offered by the toolchain. So: Please enable PIE, stack protection, and immediate binding for all binaries. This is the final hurdle. :) Thanks ** Changed in: lxc (Ubuntu) Assignee: Seth Arnold (seth-arnold) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/509647 Title: [MIR] lxc To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/509647/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
