As for the forwarding issue, there is a check now in place to prevent
such things from happening in the future, that's the argument check in
the receiver.

For the case where a user is running the pre-security upload version of
apport in a container and this post-security upload version on the host,
then the container will indeed receive one more argument than it needs
but I don't think there's much we can do about this.

In this case, the host would send "<pid> <signal> <ulimit> <dump mode>" to the 
container.
The container would then set its sys.argv to match, effectively putting the 
dump mode as the global pid.

This is obviously not going to work well and will result in apport crashing in 
the container.
As far as I can tell this isn't exploitable and will get resolved as soon as 
the container is upgraded. The check I put in place will prevent this from 
happening again and once we get named arguments, the problem will go away for 
good while retaining backward compatibility.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1732518

Title:
  Please re-enable container support in apport

Status in apport package in Ubuntu:
  Triaged
Status in apport source package in Xenial:
  Triaged
Status in apport source package in Zesty:
  Triaged
Status in apport source package in Artful:
  Triaged
Status in apport source package in Bionic:
  Triaged

Bug description:
  The latest security update for apport disabled container crash
  forwarding, this is a feature which users do rely on in production and
  while it may have been appropriate to turn it off to put a security
  update out, this needs to be re-enabled ASAP.

  I provided a patch which fixed the security issue before the security
  issue was publicly disclosed so pushing an SRU to all Ubuntu releases
  re-enabling this code should be pretty trivial.
