Make sure that _apt user can read all files in /etc/apt/trusted.gpg.d
and /etc/apt/trusted.gpg and any key files you might have specified via
signed-by in sources.list.
By disabling the sandboxing, it makes it easier for an attacker that
controls the http server to make use of vulnerabilities in the HTTP,
TLS, GPG stacks as they process this untrusted data as root instead of
an unprivileged user (ok, there is another APT-specific escape hatch in
the sandbox that also needs fixing, but still, improves security
somewhat).
** Changed in: apt (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1936299
Title:
ubuntu 18.04.5 LTS apt update "Unknown error executing apt-key"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1936299/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
