** Changed in: linux (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/460925
Title:
Kernel log message corruption due to incomplete /proc separation
Status in linux package in Ubuntu:
Fix Released
Status in lxc package in Ubuntu:
Fix Released
Bug description:
Binary package hint: lxc
When using LXC (linux containers), /proc/kmsg can be read in guest
systems in their filtered view of /proc. This special file should
never be present in guest systems, and if created within a guest
system, it should be effectively using /dev/null as it's source. The
effect of this bug ranges from simply annoying to potentially a
security issue in that kernel messages are allowed to be destroyed and
never fully logged on the host system, which could be used to cover
evidence of some sort of attack on the system.
I'm adding the kernel team as well, as this could be an issue inside
the kernel. I'm not sure if /proc filtration happens there or in the
context of the lxc userland utilities.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/460925/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
