So options here are to apparmor block it, assuming that no common piece
of software relies on it or to mask it with lxcfs (though that still
allows access to user, so not necessarily ideal).

I'm a bit confused as to why this data is accessible to unprivileged
users in the first place, wouldn't that also allow bypassing some of the
/proc filtering modes?

** Changed in: lxc (Ubuntu)
       Status: New => Triaged

** Changed in: lxc (Ubuntu)
   Importance: Undecided => Wishlist

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

   /proc/sched_debug Information Leak

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to