This bug was fixed in the package lxc - 1.0.0~alpha1-0ubuntu13
---------------
lxc (1.0.0~alpha1-0ubuntu13) saucy-proposed; urgency=low
* debian/rules and debian/lxc.postinst: set /var/lib/lxc and /var/cache/lxc
to be perms 700. That prevents unprivileged users from running setuid-root
applications. Install that way by default, and for any previous versions,
update the permissions. After this version, respect the user's choice.
(LP: #1244635)
-- Serge Hallyn <[email protected]> Mon, 04 Nov 2013 08:12:35 -0600
** Changed in: lxc (Ubuntu Saucy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1244635
Title:
setuid executables in a container may compromise security on the host
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1244635/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
