Thanks Marc! I suspected as much, but I thought I'd ask to be sure.
Since it's just released, sysadmins will be happy to find the above
clarification in this thread, which helps planning reboots.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
it's more security hardening than an actual vulnerability, and even then
then only reason it got fixed is because the mtab was listing it wrong.
If an administrator is specifically mounting certain partitions noexec,
they may have been thinking that /run was noexec also even though it
wasn't.
--
Sorry for the naive question, but how severe are the security
implications of this? Does there exist a CVE, or otherwise a discussion
of the implications?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.n
Thanks Marc. Confirmed working on my 12.04 install.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1152744
Title:
mountall is lying about /run's noexec
To manage notifications about this bug
This bug was fixed in the package initramfs-tools - 0.103ubuntu0.2.2
---
initramfs-tools (0.103ubuntu0.2.2) quantal-security; urgency=medium
* SECURITY UPDATE: incorrect tmpfs mount options (LP: #1152744)
- init: Sync the mount options for /run from /lib/init/fstab.
-- Marc Des
This bug was fixed in the package initramfs-tools - 0.99ubuntu13.5
---
initramfs-tools (0.99ubuntu13.5) precise-security; urgency=medium
* SECURITY UPDATE: incorrect tmpfs mount options (LP: #1152744)
- init: Sync the mount options for /run from /lib/init/fstab.
-- Marc Deslaur
** Also affects: initramfs-tools (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: initramfs-tools (Ubuntu Trusty)
Importance: Medium
Status: Fix Released
** Also affects: initramfs-tools (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also a
This problem still exists on 12.04 LTS, current as of March 12. Given
its security nature, the fix should be backported.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1152744
Title:
mountall
This problem still exists on 12.04 LTS, current as of March 12. Given
its security nature, the fix should be backported.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1152744
Title:
mountall
This bug was fixed in the package initramfs-tools - 0.103ubuntu0.7
---
initramfs-tools (0.103ubuntu0.7) raring; urgency=low
* src/wait-for-root.c: Set udev monitor socket to blocking, as we want to
wait for events. (LP: #1154813)
-- Martin PittThu, 14 Mar 2013 07:08:06 +010
This is a result of /run being mounted from the initramfs. mountall
doesn't attempt to remount any filesystems that are already mounted, it
just records them in /etc/mtab with 'mount -f'. This has previously
been reported as bug #1039887.
I think having the wrong default mount options for /run i
** Information type changed from Private Security to Public Security
** Changed in: mountall (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1152744
Title:
mo
12 matches
Mail list logo
