Hi,

On 12/06/2026 13:50, Bastien Roucaries wrote:
> I found that systemd-tmpfiles support was introduced by 2.57.6
> https://github.com/canonical/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d
>
> Therefore bullseye is not affected.

AFAIU snapd is vulnerable when it works in /tmp/snap-private-tmp without a careful creation and clean-up policy for this directory.

Dropping systemd-tmpfiles entirely would make it even more vulnerable.

Incidentally, as I noted in dla-needed.txt, stock bullseye is not affected, but for a different reason:

  NOTE: 20260324: Debian <=bookworm doesn't prune /tmp by default (cf. /usr/lib/tmpfiles.d/tmp.conf),
  NOTE: 20260324: but a local administrator could change that, so I'd suggest fixing anyway

Cheers!
Sylvain
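
A check for the condition in the NOTE above, namely whether any tmpfiles.d rule gives /tmp or /tmp/snap-private-tmp a time-based clean-up Age. This is an added example, not part of the original message or of snapd; the function names and the two sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# tmpfiles.d line format: Type Path Mode User Group Age Argument
# An Age of "-" (or a missing Age field) means no time-based clean-up.

# Print "path age" for every rule on stdin that targets /tmp or
# /tmp/snap-private-tmp (trailing slashes ignored).
tmp_age_rules() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        {
            p = $2; sub(/\/+$/, "", p)
            if (p == "/tmp" || p == "/tmp/snap-private-tmp") {
                age = (NF >= 6) ? $6 : "-"
                print $2, age
            }
        }'
}

# Exit 0 if any matching rule on stdin carries a real Age, 1 otherwise.
prunes_tmp() {
    tmp_age_rules | awk '$2 != "-" { found = 1 } END { exit !found }'
}

# Concatenate the effective configuration: a file in /etc/tmpfiles.d
# overrides a same-named file in /run/tmpfiles.d or /usr/lib/tmpfiles.d.
effective_conf() {
    seen=""
    for d in /etc/tmpfiles.d /run/tmpfiles.d /usr/lib/tmpfiles.d; do
        for f in "$d"/*.conf; do
            [ -e "$f" ] || continue
            b=${f##*/}
            case " $seen " in *" $b "*) continue ;; esac
            seen="$seen $b"
            cat "$f"
        done
    done
}

# Constructed sample: a /tmp rule with no Age (nothing is pruned).
sample_no_age() { printf '%s\n' '# constructed' 'D /tmp 1777 root root -'; }
# Constructed sample: an administrator's rule with a 10-day Age.
sample_with_age() {
    printf '%s\n' 'q /tmp 1777 root root 10d' \
                  'D! /tmp/snap-private-tmp 0700 root root -'
}

# Scan the local host only when asked to: sh script.sh --scan
if [ "${1:-}" = "--scan" ]; then
    effective_conf | tmp_age_rules
    effective_conf | prunes_tmp && echo "/tmp is pruned by age on this host"
fi
```
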
