Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Jan 2017 23:42:21 +0000
From: KellerFuchs <>
Subject: Re: Firejail local root exploit

On Wed, Jan 04, 2017 at 02:12:48PM +0100, Sebastian Krahmer wrote:
> Hi
> Please find attached PoC for firejail, which seems to be quite
> popular sandboxing tool.
> Sebastian

Hi Sebastian,

Thanks a lot for discovering this issue.

For information:
- this specific issue can be mitigated by setting `x11 no` in `/etc/firejail/firejail.config`, as in
- the initial fix commited by netblues (firejail's dev) is racy:


  Keller Fuchs

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ