Bug#777649: cgmanager security update for jessie
Quoting Niels Thykier (niels@thykier.net):
> Ok, are we guaranteed that pcgpath ends with the path separator? Consider:
No, in fact I think we're guaranteed it won't.
> "/foo/bar"
> "/foo/bar2/somewhere-else"
>
> Unless the path separator is included in the end (i.e. it always uses
> "/foo/bar/" instead of "/foo/bar"), then it might still be possible to
> by-pass the prefix test.
Indeed it will, thanks! I'm going to write a patch which commonizes
the checks and takes care of this case. I'll get it into the next
release and send a patch for jessie tonight or tomorrow.
Note that ownership checks still apply, so the task in /foo/bar
could only affect /foo/bar2 if it owns /foo/bar2. Or if it is
root, but root in a privileged container will be locked under
/lxc/$container. So this should be less urgent than the larger
fix already addressed.
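
The prefix-test gap discussed in this thread, as an added example that is not part of the original messages or cgmanager's own code: a bare string-prefix comparison next to one that only matches on a path-component boundary. The function names are hypothetical, the sample paths beyond the two quoted above are constructed, and paths are assumed to be already normalized (no ".." components).

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: bare prefix test, as questioned in the thread. */
static bool prefix_only(const char *pcgpath, const char *target)
{
    return strncmp(pcgpath, target, strlen(pcgpath)) == 0;
}

/* Hypothetical helper: true only if target is pcgpath or lies below it. */
static bool is_same_or_below(const char *pcgpath, const char *target)
{
    size_t len = strlen(pcgpath);

    if (len == 0)
        return false;               /* an empty prefix must not match everything */
    /* Drop trailing separators so "/foo/bar" and "/foo/bar/" behave alike. */
    while (len > 1 && pcgpath[len - 1] == '/')
        len--;
    if (strncmp(pcgpath, target, len) != 0)
        return false;
    if (len == 1 && pcgpath[0] == '/')
        return true;                /* "/" contains every absolute path */
    /* The match must end the target or be followed by a separator. */
    return target[len] == '\0' || target[len] == '/';
}

int main(void)
{
    /* Constructed sample targets; the first two shapes come from the thread. */
    const char *pcgpath = "/foo/bar";
    const char *targets[] = {
        "/foo/bar", "/foo/bar/child", "/foo/bar2/somewhere-else", "/foo",
    };

    for (size_t i = 0; i < sizeof(targets) / sizeof(targets[0]); i++)
        printf("%-26s prefix_only=%d is_same_or_below=%d\n", targets[i],
               prefix_only(pcgpath, targets[i]),
               is_same_or_below(pcgpath, targets[i]));
    return 0;
}
```
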