On Thu, Aug 30, 2018 at 08:02:56PM -0000, Salvatore Bonaccorso wrote: > One can still test existence of files with those patches, but I guess > this was explicitly not part of the fixes?
Is there a reproducer? Yes, the open() can fail and we will report back to the user that the open() failed but the user has no way of knowing why it failed since we don't report the errno and stracing will strip the suid bit so you can't get it from the strace and you also need to be root to strace this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783591 Title: lxc-user-nic allows unprivileged users to open arbitrary files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
