[Bug 1829071] Re: Privilege escalation via LXD (local root exploit)
For the deb we won't be changing the logic at this point and it's in line with what's done for libvirt, changing behavior at this point would cause more harm than good. For the snap, we don't auto-add users and as mentioned earlier, have updated our various documentations (those we maintain anyway) to be clearer about the privileges granted to those with access to the API (and mentioning RBAC for those wanting a safer option). ** Changed in: lxd (Ubuntu) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829071 Title: Privilege escalation via LXD (local root exploit) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1829071] Re: Privilege escalation via LXD (local root exploit)
** Changed in: lxd (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829071 Title: Privilege escalation via LXD (local root exploit) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1829071] Re: Privilege escalation via LXD (local root exploit)
Thanks everyone! I appreciate you time and attention on this. Thanks again for your hard work on the LXD project in general, it's a great tool. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829071 Title: Privilege escalation via LXD (local root exploit) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1829071] Re: Privilege escalation via LXD (local root exploit)
Since this is already public via other sources I have no objections - I would like to see Chris' suggestions in comment:10 investigated by the LXD team to see if these would be suitable as future features to try and attenuate the authority which comes via lxd. ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829071 Title: Privilege escalation via LXD (local root exploit) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs