~mgedmin/apport/fix-lp1453011

Viewing all changes in revision 2948.

  • Committer: Martin Pitt
  • Date: 2015-04-16 22:00:42 UTC
  • Revision ID: martin.pitt@canonical.com-20150416220042-fxbbu2vmp1riffs6
* SECURITY UPDATE: Disable crash forwarding to containers. The previous fix in 2.17.1 was not sufficient against all attack scenarios. By binding to specially crafted sockes, a normal user program could forge arbitrary entries in /proc/net/unix. We cannot currently rely on a kernel-side solution for this; this feature will be re-enabled once it gets re-done to be secure. (LP: #1444518)

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: