Comment 1 for bug 1447871
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: Several insecure /tmp usage in guestagent | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
70fb091
demo site
(Get the code!)
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.
I guess these issues boil down to whenever the guestagent is running on an exposed instance and/or shell access are being granted to user. I don't think this should be considered as a vulnerability per se, but better be safe than sorry.