
touch-packages team mailing list archive

[Bug 1261045] Re: Security bugfix in lxc-sshd template: add ro to the init-script

 

** Changed in: lxc (Ubuntu Precise)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1261045

Title:
  Security bugfix in lxc-sshd template: add ro to the init-script

Status in lxc package in Ubuntu:
  Fix Released
Status in lxc source package in Precise:
  Won't Fix
Status in lxc source package in Quantal:
  Won't Fix
Status in lxc source package in Raring:
  Won't Fix
Status in lxc source package in Saucy:
  Fix Released
Status in lxc source package in Trusty:
  Fix Released

Bug description:
  When logged in to a container that was created with the lxc-sshd
  template, the mount of $rootfs/sbin/init allows modifying the init
  script of the container. So harm could be done to the host system at
  the next execution of lxc-start or lxc-create -t sshd. This can be
  used to gain root access since lxc is likely to be run by root.

  -lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd $rootfs/sbin/init none bind 0 0
  +lxc.mount.entry=@LXCTEMPLATEDIR@/lxc-sshd $rootfs/sbin/init none ro,bind 0 0
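
Review bot: The `ro` added to the options on the `+` line protects the host's @LXCTEMPLATEDIR@/lxc-sshd only if it is actually enforced on the bind mount. The kernel ignores the read-only flag on the initial bind and applies it only on a remount, so please confirm that a started container lists its /sbin/init mount as ro in /proc/mounts and record that check in the change description. Since the source is a host file that runs again at the next lxc-start or lxc-create -t sshd, copying the script into $rootfs at create time instead of bind-mounting it would remove the dependency on the mount flag altogether.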

  (see https://github.com/dotcloud/lxc/pull/1)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1261045/+subscriptions
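
A static check for the pattern this bug describes, as an added example that is not part of the bug report or of lxc: it scans LXC configuration text for `lxc.mount.entry` bind mounts whose options lack `ro`. The sample configuration, its paths and the function name `writable_bind_mounts` are constructed for illustration.

```python
"""Audit LXC config text for bind mounts that are not read-only."""

# Constructed sample: entry 3 mirrors the pre-fix line from the bug report,
# entry 4 the fixed line; all paths are placeholders for a real container.
SAMPLE_CONFIG = """\
lxc.utsname = demo
lxc.rootfs = /var/lib/lxc/demo/rootfs
lxc.mount.entry=/usr/share/lxc/templates/lxc-sshd /var/lib/lxc/demo/rootfs/sbin/init none bind 0 0
lxc.mount.entry=/usr/share/lxc/templates/lxc-sshd /var/lib/lxc/demo/rootfs/sbin/init none ro,bind 0 0
# lxc.mount.entry=/etc /var/lib/lxc/demo/rootfs/etc none bind 0 0
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = /lib lib none rbind,create=dir 0 0
"""


def writable_bind_mounts(config_text):
    """Return (line_no, source, target) for bind entries lacking 'ro'."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out entry
        # Split on the first '=' only: mount options may contain '=' too.
        key, sep, value = line.partition("=")
        if not sep or key.strip() != "lxc.mount.entry":
            continue
        fields = value.split()
        if len(fields) < 4:
            continue  # malformed: fstab form needs src dst fstype options
        source, target, _fstype, opts = fields[:4]
        options = set(opts.split(","))
        if options & {"bind", "rbind"} and "ro" not in options:
            findings.append((line_no, source, target))
    return findings


if __name__ == "__main__":
    for line_no, source, target in writable_bind_mounts(SAMPLE_CONFIG):
        print(f"line {line_no}: {source} -> {target} is a writable bind mount")
```

This is a configuration-level check only; whether the read-only flag is in force for a running container still has to be confirmed from its mount table.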