
touch-packages team mailing list archive

[Bug 1472142] Re: /var/cache/lxc not world readable


Thanks for filing this report.

The issue isn't really "secrets" being exposed in the cache, but rather
setuid-root or file-capability-endowed binaries in the rootfs,
especially if they become stale and contain a CVE.  Lxc can't be sure
where third-party templates have stored such binaries, so if
/var/cache/lxc was 755 then every subdirectory would need to be 700, and
we'd have to worry about a bug leaving one open.

If you "know what you're doing" then you can chmod /var/cache/lxc on
your systems to 755, and lxc won't revert those permissions against your
will.  But I'm afraid we have to mark this wontfix.  Too bad, because I
agree it *is* inconvenient.


** Changed in: lxc (Ubuntu)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1472142

Title:
  /var/cache/lxc not world readable

Status in lxc package in Ubuntu:
  Won't Fix

Bug description:
  I am interested in priming the lxc cache on new hosts, but this is
  problematic because /var/cache/lxc is not world readable.

  Could it become world readable?

  This bug should be WONTFIX if the cache can contain secrets or
  'private' images. But ideally these would be declared private and
  protected at the next level down.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1472142/+subscriptions
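The exposure the maintainer describes is concrete enough to check for. The script below is an added example written for this page, not code from lxc or from the bug participants: it reports whether a cache directory is reachable by other users, lists setuid/setgid binaries and file-capability binaries inside each cached rootfs, counts how many of them an unprivileged local user could reach, and applies the per-template lockdown (cache 755, every template subdirectory 700) that the reply says would be needed. The template names, the fixture tree built by `demo`, and the `stat -c` / `getcap` calls are assumptions of this example (GNU or busybox userland); run it as `sh audit_lxc_cache.sh --demo` against a throwaway tree, or point `exposed_privileged_count` at a real `/var/cache/lxc`.

```shell
#!/bin/sh
# Added example (not part of lxc): audit an LXC template cache for
# privileged binaries that a world-readable cache would expose.

# Succeed if "others" can read or traverse the directory (mode digit with
# r or x set). A traverse-only directory still lets anyone who knows the
# path run a setuid binary inside it, so it counts as reachable.
others_can_reach() {
    mode=$(stat -c '%a' "$1")                # octal mode, e.g. 750
    case "$(printf '%s' "$mode" | tail -c 1)" in
        1|3|4|5|6|7) return 0 ;;
        *) return 1 ;;
    esac
}

# List setuid and setgid regular files below a rootfs.
find_privileged() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print
}

# List files carrying file capabilities (cap_net_raw etc.), when getcap
# is installed; these are the "file-capability-endowed" binaries.
find_capabilities() {
    if command -v getcap >/dev/null 2>&1; then
        getcap -r "$1" 2>/dev/null
    fi
}

# Count privileged files reachable by an unprivileged user: the cache
# itself and the template subdirectory must both be reachable.
exposed_privileged_count() {
    cache=$1
    total=0
    if ! others_can_reach "$cache"; then
        echo 0
        return 0
    fi
    for sub in "$cache"/*/; do
        [ -d "$sub" ] || continue
        others_can_reach "$sub" || continue
        n=$(find_privileged "$sub" | wc -l)
        total=$((total + n))
    done
    echo "$total"
}

# The workaround from the reply: open the cache (755) but close every
# template directory (700), so each rootfs stays private.
lock_template_dirs() {
    chmod 755 "$1"
    for sub in "$1"/*/; do
        if [ -d "$sub" ]; then
            chmod 700 "$sub"
        fi
    done
}

# Demo on a constructed tree (hypothetical template names; no real cache
# is touched). Shows the exposure before and after the lockdown.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/lxc/ubuntu-trusty-amd64/rootfs/usr/bin"
    : > "$tmp/lxc/ubuntu-trusty-amd64/rootfs/usr/bin/sudo"
    chmod 4755 "$tmp/lxc/ubuntu-trusty-amd64/rootfs/usr/bin/sudo"
    chmod 755 "$tmp/lxc" "$tmp/lxc/ubuntu-trusty-amd64"
    echo "exposed before lockdown: $(exposed_privileged_count "$tmp/lxc")"
    find_privileged "$tmp/lxc"
    find_capabilities "$tmp/lxc"
    lock_template_dirs "$tmp/lxc"
    echo "exposed after lockdown:  $(exposed_privileged_count "$tmp/lxc")"
    rm -rf "$tmp"
}

case "${1:-}" in
    --demo) demo ;;
esac
```

Note that a cached rootfs that passes this check today can still fail it after a template update drops a new setuid helper in, which is the "bug leaving one open" the maintainer worries about; rerunning the count after each cache refresh is the useful habit.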

