Date: Wed, 3 Aug 2016 09:27:00 +0200
From: Daniel J Walsh <dwalsh@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: cve request: systemd-machined: information exposure for docker containers



On 08/01/2016 12:24 PM, Shiz wrote:
>> On 28 Jul 2016, at 16:42, Simon McVittie <smcv@...ian.org> wrote:
>>
>> *Which* unprivileged user processes?
>>
>> If the unprivileged user processes are not in a container, they can get a
>> significant amount of the same information by reading the host's /proc.
> Except if a host is running with hidepid={1,2}, which is not entirely uncommon
> especially in hardened systems. In that regard it /does/ qualify as infoleak.
>
> - Shiz
Then simply rpm -e oci-register-machine
