Chris, I've just read your blog post at:
https://shenaniganslabs.io/2019/02/13/Dirty-Sock.html
There you install a snap in devmode, which does a bunch of things to
demonstrate that the snap can access system resources via the
vulnerability in <2.37. Just for the record, it's slightly undue to
claim that the snap is exploiting the system in that scenario, because a
snap in devmode already has full access to the system anyway. No need
for any exploits. If you install a snap in devmode, you gave root to the
snap:
--devmode Put snap in development mode and
disable security confinement
If the snap was installed without devmode, it wouldn't not have access
to the socket.
Again, thanks for the report. Just wanted to clarify this point.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1813365
Title:
Local privilege escalation via snapd socket
To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/1813365/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
