snaps using home interface have full access to SNAP_USER_DATA of other snaps
Bug #1575914 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snappy |
Fix Released
|
High
|
Jamie Strandboge | ||
snapd (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Xenial |
Fix Released
|
High
|
Unassigned | ||
Yakkety |
Fix Released
|
High
|
Unassigned |
Bug Description
When SNAP_USER_DATA changed to be $HOME/snap from $HOME/snaps, the corresponding change was not made to the home interface security policy, resulting in snaps using the home interface having full access to SNAP_USER_DATA of other snaps.
Changed in snapd (Ubuntu Xenial): | |
status: | New → Triaged |
Changed in snapd (Ubuntu Yakkety): | |
status: | New → Triaged |
Changed in snapd (Ubuntu Xenial): | |
importance: | Undecided → High |
Changed in snapd (Ubuntu Yakkety): | |
importance: | Undecided → High |
tags: | added: apparmor |
Changed in snappy: | |
status: | Fix Committed → Fix Released |
Changed in snapd (Ubuntu Yakkety): | |
status: | Triaged → Fix Released |
Changed in snapd (Ubuntu Xenial): | |
status: | Triaged → Fix Released |
To post a comment you must log in.
This is fixed in https:/ /github. com/ubuntu- core/snappy/ pull/1088, which was just merged.