Comment 45 for bug 1783591
Revision history for this message
| Christian Brauner (cbrauner) wrote Re: [Bug 1783591] Re: lxc-user-nic allows unprivileged users to open arbitrary files | #45 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
On Thu, Aug 30, 2018 at 08:02:56PM -0000, Salvatore Bonaccorso wrote:
> One can still test existence of files with those patches, but I guess
> this was explicitly not part of the fixes?
Is there a reproducer?
Yes, the open() can fail and we will report back to the user that the
open() failed but the user has no way of knowing why it failed since we
don't report the errno and stracing will strip the suid bit so you can't
get it from the strace and you also need to be root to strace this.