Hi,

On 12/06/2026 13:50, Bastien Roucaries wrote:
> I found that systemd-tempfile support was introduced by 2.57.6
> https://github.com/canonical/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d
> Therefore bullseye not affected.

AFAIU snapd is vulnerable when it works in /tmp/snap-private-tmp without
a careful creation and clean-up policy for this directory.
Dropping systemd-tempfile entirely would make it even more vulnerable.

Incidentally, as I noted in dla-needed.txt, stock bullseye is not
affected, but for a different reason:

  NOTE: 20260324: Debian <=bookworm doesn't prune /tmp by default (cf. /usr/lib/tmpfiles.d/tmp.conf),
  NOTE: 20260324: but a local administrator could change that, so I'd suggest fixing anyway

Cheers!
Sylvain
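
Added example, not part of the original message and not snapd or Debian code: a small check for whether the tmpfiles.d configuration in effect on a host gives /tmp a cleanup age, which is the local change the NOTE above refers to. The function names and the two sample lines are constructed for illustration; only the basic whitespace-separated tmpfiles.d line format is handled.

```python
import os

# A file in an earlier directory masks a same-named file in a later one.
CONF_DIRS = ["/etc/tmpfiles.d", "/run/tmpfiles.d", "/usr/lib/tmpfiles.d"]

def age_rules(conf_text, path="/tmp"):
    """Return [(type, age)] for lines configuring `path`; age None means no pruning."""
    rules = []
    for line in conf_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        if fields[1].rstrip("/") != path:
            continue
        # Columns: Type Path Mode User Group Age Argument; "-" or absent = unset.
        age = fields[5] if len(fields) > 5 else "-"
        rules.append((fields[0], None if age == "-" else age))
    return rules

def effective_files(dirs=CONF_DIRS):
    """Map config file name -> full path, honouring the masking order."""
    chosen = {}
    for d in dirs:
        if os.path.isdir(d):
            for name in sorted(os.listdir(d)):
                if name.endswith(".conf"):
                    chosen.setdefault(name, os.path.join(d, name))
    return chosen

def pruning_rules(path="/tmp", dirs=CONF_DIRS):
    """Return [(file, type, age)] for every effective line that sets an age on `path`."""
    found = []
    for _, full in sorted(effective_files(dirs).items()):
        with open(full, encoding="utf-8", errors="replace") as fh:
            for typ, age in age_rules(fh.read(), path):
                if age is not None:
                    found.append((full, typ, age))
    return found

# Constructed sample lines: one without an age, one with an administrator-set age.
NO_AGE = "# constructed sample\nD /tmp 1777 root root -\n"
WITH_AGE = "# constructed sample\nq /tmp 1777 root root 10d\n"

if __name__ == "__main__":
    hits = pruning_rules()
    for full, typ, age in hits:
        print(f"{full}: type {typ} prunes /tmp after {age}")
    if not hits:
        print("no tmpfiles.d line sets a cleanup age on /tmp")
```

An empty result means no effective tmpfiles.d line sets an age on /tmp itself; entries for other paths, such as a line for /tmp/snap-private-tmp, can be checked by passing that path instead.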