oss-sec mailing list archives
Re: cve request: systemd-machined: information exposure for docker containers
From: Shiz <hi () shiz me>
Date: Mon, 1 Aug 2016 12:24:21 +0200
On 28 Jul 2016, at 16:42, Simon McVittie <smcv () debian org> wrote: *Which* unprivileged user processes? If the unprivileged user processes are not in a container, they can get a significant amount of the same information by reading the host's /proc.
Except if a host is running with hidepid={1,2}, which is not entirely uncommon
especially in hardened systems. In that regard it /does/ qualify as infoleak.
- Shiz
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- cve request: systemd-machined: information exposure for docker containers CAI Qian (Jul 26)
- Re: cve request: systemd-machined: information exposure for docker containers cve-assign (Jul 26)
- Re: Re: cve request: systemd-machined: information exposure for docker containers Christian Rebischke (Jul 27)
- Re: Re: cve request: systemd-machined: information exposure for docker containers Daniel J Walsh (Jul 27)
- Re: Re: cve request: systemd-machined: information exposure for docker containers Christian Rebischke (Jul 27)
- Re: cve request: systemd-machined: information exposure for docker containers Jesse Hertz (Jul 27)
- Re: cve request: systemd-machined: information exposure for docker containers Jessica Frazelle (Jul 27)
- Re: cve request: systemd-machined: information exposure for docker containers Daniel J Walsh (Jul 28)
- Re: cve request: systemd-machined: information exposure for docker containers Simon McVittie (Jul 28)
- Re: cve request: systemd-machined: information exposure for docker containers Daniel J Walsh (Jul 28)
- Re: cve request: systemd-machined: information exposure for docker containers Shiz (Aug 01)
- Re: cve request: systemd-machined: information exposure for docker containers Daniel J Walsh (Aug 03)
- Re: cve request: systemd-machined: information exposure for docker containers CAI Qian (Aug 10)
- Re: cve request: systemd-machined: information exposure for docker containers Daniel J Walsh (Aug 10)
- Re: Re: cve request: systemd-machined: information exposure for docker containers Christian Rebischke (Jul 27)
- Re: cve request: systemd-machined: information exposure for docker containers cve-assign (Jul 26)