Public bug reported:
When installing hello-world and launching hello-world.env, I see:
SNAP_LIBRARY_PATH=/var/lib/snapd/lib/gl:
After talking with the snappy developers, SNAP_LIBRARY_PATH is intended
to be used with LD_LIBRARY_PATH, however this trailing colon means that
the current working directory is added to SNAP_LIBRARY_PATH and
therefore LD_LIBRARY_PATH and this can be used as an attack vector.
Granted, the attack is thwarted by apparmor, but best practice dictates
that there should not be a trailing ':', leading ':' or two colons next
to each other ('::') to avoid adding the current directory.
** Affects: snapd (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- SNAP_LIBRARY_PATH set to path with trailing ':', which is insecure
+ SNAP_LIBRARY_PATH set to path with trailing ':'
** Description changed:
- When installing hellow-world and launching hello-world.env, I see:
+ When installing hello-world and launching hello-world.env, I see:
SNAP_LIBRARY_PATH=/var/lib/snapd/lib/gl:
After talking with the snappy developers, SNAP_LIBRARY_PATH is intended
to be used with LD_LIBRARY_PATH, however this trailing colon means that
the current working directory is added to SNAP_LIBRARY_PATH and
therefore LD_LIBRARY_PATH and this can be used as an attack vector.
Granted, the attack is thwarted by apparmor, but best practice dictates
that there should not be a trailing ':', leading ':' or two colons next
to each other ('::') to avoid adding the current directory.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1573082
Title:
SNAP_LIBRARY_PATH set to path with trailing ':'
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1573082/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
