Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 1 Aug 2016 12:24:21 +0200
From: Shiz <hi@...z.me>
To: oss-security@...ts.openwall.com
Subject: Re: cve request: systemd-machined: information exposure for docker containers


> On 28 Jul 2016, at 16:42, Simon McVittie <smcv@...ian.org> wrote:
> 
> *Which* unprivileged user processes?
> 
> If the unprivileged user processes are not in a container, they can get a
> significant amount of the same information by reading the host's /proc.

Except if a host is running with hidepid={1,2}, which is not entirely uncommon
especially in hardened systems. In that regard it /does/ qualify as infoleak.

- Shiz

Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.