For those users, getting back to the old way would be a chmod away and I asked Serge to make sure permissions would only be changed once and not with every update, so it should be a one time thing.
As for security, while we don't currently say LXC is secure on Ubuntu, we're not aware of any way to escape a default container (Ubuntu on Ubuntu) starting with 12.04 when running with all default settings (specifically, under apparmor). If you know of a way to do so, I'd love to hear about it so we can adapt our apparmor profile to prevent it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1244635 Title: setuid executables in a container may compromise security on the host To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1244635/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
