*** This bug is a security vulnerability ***
Public security bug reported:
LXD uses systemd socket activation to start the daemon except at
installation time where the daemon is started directly.
Systemd defaults to 0666 for its unix sockets instead of respecting
umask, leading to /var/lib/lxd/unix.socket being world writable instead
of being restricted to the lxd group as it should be.
The fix is simply to specify a mode of 0660 in the systemd unit.
This affects LXD in wily, xenial and trusty-backports. vivid's version
is unaffected as we didn't have socket activation back then.
** Affects: lxd (Ubuntu)
Importance: Critical
Status: Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1515689
Title:
Wrong mode on unix.socket when socket activated
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
