So options here are to apparmor block it, assuming that no common piece
of software relies on it or to mask it with lxcfs (though that still
allows access to user, so not necessarily ideal).

I'm a bit confused as to why this data is accessible to unprivileged
users in the first place, wouldn't that also allow bypassing some of the
/proc filtering modes?

** Changed in: lxc (Ubuntu)
       Status: New => Triaged

** Changed in: lxc (Ubuntu)
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1549391

Title:
   /proc/sched_debug Information Leak

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1549391/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to