This bug was fixed in the package system-image - 1.9.1-0ubuntu1
---
system-image (1.9.1-0ubuntu1) saucy; urgency=low
* New upstream release:
- LP: #1240105 - Further refinement of permission checking/fixing.
- LP: #1240106 - Work around some failures in DEP 8 tests.
*
I think I was a bit too aggressive in 1.9 in fixing this, especially in
light of LP: #1233521
Here's the breakdown of directories and files, and what I think we
should do for each:
[system]tempdir - by default /tmp
- This directory should already exist, and we don't own it, so do not chmod if
** Branch linked: lp:~ubuntu-system-image/ubuntu-system-image/client.pkg
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
To manage notifications
** Changed in: ubuntu-system-image
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
To manage
** Branch linked: lp:ubuntu/saucy-proposed/system-image
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
To manage notifications about this bug go
/var/cache/system-image it is, after stgraber pushes a new lxc-android-
container to make that path writable.
For now, I'll create a safe tempdir inside there for the downloads, and
leave any retry/persistence issues to LP: #1236818
--
You received this bug notification because you are a member
I'm starting to dislike creating a safe temporary directory inside of
tempdir. Doing this causes all kinds of cascading problems with the
test suite, and with atexit handling (to ensure this temporary,
temporary directory is properly cleaned up for both graceful and
ungraceful exits).
At this
If still using /tmp/system-image, please use O_EXCL -- we don't have
link restrictions (yama) on the touch images yet.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and
** Changed in: ubuntu-system-image
Status: In Progress = Fix Committed
** Changed in: system-image (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: ubuntu-system-image
Importance: Undecided = Critical
** Changed in: ubuntu-system-image
Status: New = Triaged
** Changed in: ubuntu-system-image
Assignee: (unassigned) = Barry Warsaw (barry)
** Changed in: ubuntu-system-image
Milestone: None = 1.9
--
You
** Changed in: ubuntu-system-image
Milestone: 1.9 = None
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
To manage notifications about this
stgraber also suggested in IRC that /tmp may not be a good idea since
that's tmpfs backed and possibly limited in size. The base directory
is configurable in /etc/system-image/client.ini but maybe /var/tmp
/system-image would be a better default base dir. It would have to be
made writable
** Also affects: ubuntu-system-image
Importance: Undecided
Status: New
** Tags added: client
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory
** Changed in: system-image (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1235975
Title:
Unsafe file and directory permissions
To manage notifications
14 matches
Mail list logo