[Expired for apt (Ubuntu) because there has been no activity for 60
days.]
** Changed in: apt (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1936299
Title
yes, _apt user have read access.can read all files
root@ip-10-0-0-144:/etc/apt/trusted.gpg.d# ls -l *
-rw-r--r-- 1 root root 2796 Mar 29 14:33 ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2794 Mar 29 14:33 ubuntu-keyring-2012-cdimage.gpg
-rw-r--r-- 1 root root 1733 Mar 29 14:33 ubuntu-ke
Make sure that _apt user can read all files in /etc/apt/trusted.gpg.d
and /etc/apt/trusted.gpg and any key files you might have specified via
signed-by in sources.list.
By disabling the sandboxing, it makes it easier for an attacker that
controls the http server to make use of vulnerabilities in t
