Thank you for using Ubuntu and reporting a bug. ping is a setuid program:

$ ls -l /bin/ping
-rwsr-xr-x 1 root root 35712 Nov 8 2011 /bin/ping

This means when a user uses ping the uid to be evaluated in your iptables rule is 'root'. It is not a setgid application so when you apply your second rule it is blocked (the gid of the user is used, and it doesn't match 'root' as specified in your rule).

** Visibility changed to: Public

** This bug is no longer flagged as a security vulnerability

** Package changed: ubuntu => iptables (Ubuntu)

** Changed in: iptables (Ubuntu)
       Status: New => Invalid

https://bugs.launchpad.net/bugs/1028849

Title:
  iptables applies "---uid-owner=root" to ALL users
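
Added example, not part of the original bug reply: a small Python model of the behaviour described above. It parses the `ls -l` mode string quoted in the message, derives the uid/gid a process holds right after exec, and checks them against uid-owner and gid-owner values. The function names are hypothetical, the caller's uid/gid of 1000 is a constructed sample, and nosuid mounts and no_new_privs are assumed absent.

```python
import stat

# Execute slots in an `ls -l` mode string: (index, execute bit, special bit).
_X_SLOTS = [(3, stat.S_IXUSR, stat.S_ISUID),
            (6, stat.S_IXGRP, stat.S_ISGID),
            (9, stat.S_IXOTH, stat.S_ISVTX)]
_RW_SLOTS = [(1, stat.S_IRUSR), (2, stat.S_IWUSR), (4, stat.S_IRGRP),
             (5, stat.S_IWGRP), (7, stat.S_IROTH), (8, stat.S_IWOTH)]

def parse_ls_mode(mode):
    """Convert a mode string such as '-rwsr-xr-x' to permission bits."""
    if len(mode) != 10:
        raise ValueError("expected a 10-character mode string: %r" % mode)
    bits = 0
    for i, bit in _RW_SLOTS:
        if mode[i] != "-":
            bits |= bit
    for i, xbit, special in _X_SLOTS:
        if mode[i] in "xst":      # lower case: execute bit is set
            bits |= xbit
        if mode[i] in "sStT":     # s/S/t/T: setuid, setgid or sticky
            bits |= special
    return bits

def creds_after_exec(bits, file_uid, file_gid, caller_uid, caller_gid):
    """Effective (uid, gid) right after exec of the file.

    Assumption: no nosuid mount and no no_new_privs, which would
    make the kernel ignore the setuid/setgid bits.
    """
    euid = file_uid if bits & stat.S_ISUID else caller_uid
    # Linux honours setgid on exec only when group-execute is also set.
    both = stat.S_ISGID | stat.S_IXGRP
    egid = file_gid if (bits & both) == both else caller_gid
    return euid, egid

def owner_match(creds, uid_owner=None, gid_owner=None):
    """True if every owner criterion given matches the credentials."""
    euid, egid = creds
    return ((uid_owner is None or euid == uid_owner) and
            (gid_owner is None or egid == gid_owner))

# Constructed sample: the /bin/ping listing from the message (owner root:root),
# run by a hypothetical unprivileged user with uid=1000, gid=1000.
PING_CREDS = creds_after_exec(parse_ls_mode("-rwsr-xr-x"), 0, 0, 1000, 1000)

if __name__ == "__main__":
    print("creds:", PING_CREDS)
    print("uid-owner root matches:", owner_match(PING_CREDS, uid_owner=0))
    print("gid-owner root matches:", owner_match(PING_CREDS, gid_owner=0))
```

When auditing owner-based rules, `find / -xdev -perm -4000 -type f` lists the setuid binaries whose traffic will be attributed to the file owner rather than the invoking user.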