For the deb we won't be changing the logic at this point and it's in
line with what's done for libvirt, changing behavior at this point would
cause more harm than good.
For the snap, we don't auto-add users and as mentioned earlier, have
updated our various documentations (those we maintain
** Changed in: lxd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1829071
Title:
Privilege escalation via LXD (local root exploit)
To manage notifications
Thanks everyone! I appreciate you time and attention on this. Thanks
again for your hard work on the LXD project in general, it's a great
tool.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1829071
Since this is already public via other sources I have no objections - I
would like to see Chris' suggestions in comment:10 investigated by the
LXD team to see if these would be suitable as future features to try and
attenuate the authority which comes via lxd.
** Information type changed from
