]> git.ipfire.org Git - thirdparty/lxc.git/commit
projects / thirdparty / lxc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f52c0d2) | patch
CVE-2015-1331: lxclock: use /run/lxc/lock rather than /run/lock/lxc
authorSerge Hallyn <serge.hallyn@ubuntu.com>
Fri, 3 Jul 2015 14:26:17 +0000 (09:26 -0500)
committerStéphane Graber <stgraber@ubuntu.com>
Wed, 22 Jul 2015 14:09:09 +0000 (10:09 -0400)
commit72cf81f6a3404e35028567db2c99a90406e9c6e6
treef5902752780bea4b3f5e94d54f42cc66a5c5529etree | snapshot
parentf52c0d2677e365289e921cfd38033c0c987cefd5commit | diff
CVE-2015-1331: lxclock: use /run/lxc/lock rather than /run/lock/lxc

This prevents an unprivileged user to use LXC to create arbitrary file
on the filesystem.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
src/lxc/lxclock.c diff | blob | blame | history
src/tests/locktests.c diff | blob | blame | history
Mirror of https://github.com/lxc/lxc.git