new shared-memory interface causes /dev/shm/<snap> dir to have world-write permissions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Fix Released
|
Critical
|
Unassigned |
Bug Description
The new zoom-client revision uses the new shared-memory interface. Before this upgrade, I observed that /dev/shm/
$ ls -ld /dev/shm
drwxrwxrwt 3 root root 60 Apr 21 07:43 /dev/shm
$ snap version
snap 2.55.3
snapd 2.55.3
series 16
ubuntu 20.04
kernel 5.4.0-107-generic
$ snap list zoom-client
Name Version Rev Tracking Publisher Notes
zoom-client 5.10.3.2778 175 latest/stable ogra -
The previous revision of zoom-client was 170.
Note, if debugging this, you may need to first:
$ snap refresh zoom-client
$ sudo /snap/snapd/
$ sudo rmdir /dev/shm/
otherwise zoom-client going from 170 to 175 fails to start (write(2,
"[0421/
information type: | Private Security → Public Security |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in snapd: | |
importance: | Undecided → Critical |
Changed in snapd: | |
status: | Confirmed → Fix Released |
Hmm it looks like this was (un)intentional if I am reading this correctly - https:/ /github. com/snapcore/ snapd/commit/ 2dd614a92b15d00 52d04af1682bb77 8dc134f947# diff-5f9470adea 92e967613bf2333 af9c9c47d71f9c5 8cd423206f56ac6 73d40d41cR90