Changing away from 'nogroup' would be good, that's for NFS use (similar
to 'nobody').
Using ACLs to grant the _apt user permission to work with specific files
sounds good to me. Perhaps not all editors know to maintain those when
writing new files with the same name, or perhaps know to fall back
You can of course use ACLs to grant permissions to _apt to individual
files.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668944
Title:
The _apt user ignores group membership.
To manage
Subscribing ubuntu-security as I'd like to hear some insight from the
security team how switching groups would work when sandboxing, and
whether that makes sense.
--
Has any progress been made on this issue?
--
Nowadays our HTTPS implementation works a few layers deeper than what I
talked about three years ago, so we could, similar to our auth.conf work,
now open all certificate (others also?) files as root before dropping
rights. As that would be best implemented by someone who actually uses
these
Dropping all secondary groups is standard security practice for
sandboxing.
--
Dictating to people what their PKI policy should be is outside the scope
of apt. Apt must behave properly as per standard unix behaviour, with a
proper working user and a proper working group. Trying to dictate
directory permissions to people breaks automation, breaks orchestration,
and makes it
Ok, but:
Why is it a bad idea to have a shared client certificate between multiple
client applications on the same host?
Why is apt-get just not "respecting" the groups of the _apt user?
--
The recommended way is "chown _apt:root FILE && chmod 400 FILE" at the moment.
Ideally we wouldn't need the chown (or have it root:root), but that isn't very
realistic to be implementable without rolling our own TLS stack in the process
at the moment, so we have to make do with that for now.
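
Added example, not part of the thread and not apt's own code: a small audit check that applies the classic Unix mode-bit rules to show why a certificate readable only through a secondary group stops being readable once supplementary groups are dropped, while the `_apt:root` / `400` layout keeps working. The function names and the numeric uid/gid values are assumptions made for illustration, and POSIX ACLs are not evaluated.

```python
import stat
from collections import namedtuple

# Constructed stand-in for the os.stat() fields the check needs.
FileMeta = namedtuple("FileMeta", "uid gid mode")

def can_read(meta, uid, gids):
    """Classic Unix mode-bit check for a non-root process (ACLs not evaluated).

    Exactly one permission class applies: owner, else group, else other.
    """
    if meta.uid == uid:
        return bool(meta.mode & stat.S_IRUSR)
    if meta.gid in gids:
        return bool(meta.mode & stat.S_IRGRP)
    return bool(meta.mode & stat.S_IROTH)

def sandbox_verdict(meta, uid, primary_gid, supplementary_gids):
    """Compare read access with and without the supplementary groups."""
    with_groups = can_read(meta, uid, {primary_gid, *supplementary_gids})
    sandboxed = can_read(meta, uid, {primary_gid})
    if sandboxed:
        return "ok"
    return "breaks-in-sandbox" if with_groups else "unreadable"

# Constructed IDs: real values differ per system (check with `id _apt`).
APT_UID, APT_GID, CERT_GID = 100, 65534, 110

if __name__ == "__main__":
    samples = {
        "root:certgroup 0640": FileMeta(0, CERT_GID, 0o640),
        "_apt:root 0400": FileMeta(APT_UID, 0, 0o400),
        "root:root 0600": FileMeta(0, 0, 0o600),
    }
    for label, meta in samples.items():
        print(label, "->", sandbox_verdict(meta, APT_UID, APT_GID, {CERT_GID}))
```

To audit a real file, build the `FileMeta` from `os.stat(path)` (`st_uid`, `st_gid`, `st_mode`) and take the ids from `pwd.getpwnam("_apt")` and `os.getgrouplist`.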