Thanks for pointing this out. I don't believe it would be a serious
loss of functionality to chmod 0700 /var/lib/lxc. I also don't feel
that this is a high priority bug since, so far, we do not recommend
allowing unprivileged users to use containers. So I think a regular
update in trusty with SRUs to all previous releases is ok.
** Changed in: lxc (Ubuntu)
Importance: Undecided => Medium
** Changed in: lxc (Ubuntu)
Status: New => Triaged
** Also affects: lxc (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: lxc (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: lxc (Ubuntu Saucy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1244635
Title:
setuid executables in a container may compromise security on the host
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1244635/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
