Comment 11 for bug 1244635
Revision history for this message
| Serge Hallyn (serge-hallyn) wrote Re: [Bug 1244635] Re: setuid executables in a container may compromise security on the host | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Quoting Seth Arnold (<email address hidden>):
> Serge, what does " After this version, respect the user's choice." mean?
It means if the user manually chmods /var/lib/lxc to 755, we don't
change it again after this. (Except, see below)
> Does this mean someone upgrading from e.g. 12.04.3 lxc packages to 14.04
> lxc packages -- skipping this update -- would have the 'unsafe'
> permissions?
>
> Or will this check be carried before to e.g. 14.04 lxc packages and only
> execute once, allowing an administrator to undo the change?
The test for package version will be kept until at least after
14.04. Since the trusty lxc version checks for the
1.0.0~alpha2-
this check. Which sort of belies my statement that user
choices will be respected.