Comment 10 for bug 1999622

Seth Arnold (seth-arnold) wrote :

Hello Ian, yhy,

Please use CVE-2023-0092 for this issue.

Does this attack vector require an authenticated user?
What model, controller, or cloud access settings are required to allow this attack to succeed?
What model, controller, or cloud access settings mean the user has code execution privileges?

Does https://github.com/juju/juju/pull/15006 handle this case:
juju download-backup /var/snap/juju-db/common/backups/../../../../../etc/passwd

I'd love to see some tests added for this and relative paths.

Thanks
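
Added example, not part of the comment above and not code from Juju or the linked pull request: a Go containment check exercised against the path quoted in the comment and against a relative path. The helper names, the choice of `/var/snap/juju-db/common/backups` as the only permitted directory, and the sample file name are assumptions of this example.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// backupDir comes from the path quoted in the comment; treating it as the only
// directory backups may be read from is an assumption of this example.
const backupDir = "/var/snap/juju-db/common/backups"

// naivePrefixCheck is the weak form: it compares the raw string, so a path
// that starts inside backupDir and then climbs out with ".." passes.
func naivePrefixCheck(p string) bool {
	return strings.HasPrefix(p, backupDir+"/")
}

// withinBackupDir (hypothetical helper) cleans the path, then requires that it
// resolve lexically to something strictly below backupDir. Relative paths are
// rejected outright. Symlinks are not resolved here; a caller that must defend
// against them needs an additional check on the opened file.
func withinBackupDir(p string) bool {
	if !filepath.IsAbs(p) {
		return false
	}
	rel, err := filepath.Rel(backupDir, filepath.Clean(p))
	if err != nil {
		return false
	}
	sep := string(filepath.Separator)
	return rel != "." && rel != ".." && !strings.HasPrefix(rel, ".."+sep)
}

func main() {
	// Constructed sample inputs; the second is the path from the comment.
	for _, p := range []string{
		backupDir + "/juju-backup.tar.gz",
		backupDir + "/../../../../../etc/passwd",
		"backups/../../etc/passwd",
		backupDir,
	} {
		fmt.Printf("%-70s naive=%-5v contained=%v\n", p, naivePrefixCheck(p), withinBackupDir(p))
	}
}
```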