This appears to already be fixed; when running the reproducer it fails
to fchmod:
Feb 24 13:11:24 lp1814596-b breakout_assisted[16574]: got rootfd from other chroot...
Feb 24 13:11:24 lp1814596-b breakout_assisted[16574]: chdir successful, am now in /home/ubuntu/systemd_uidleak
Feb 24 13:11:24 lp1814596-b breakout_assisted[16574]: breakout_assisted: fchmod: Operation not permitted
** Changed in: systemd (Ubuntu Bionic)
Status: New => Fix Released
https://bugs.launchpad.net/bugs/1814596
Title:
DynamicUser can create setuid binaries when assisted by another
process