Hi, I'm not sure what I've done wrong here, but I've added the sleep at line 1707 after the drop_caps call and tried to strace the child process without success.
This is the output I got: strace: attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted Could not attach to process. If your uid matches the uid of the target process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try again as the root user. For more details, see /etc/sysctl.d/10-ptrace.conf But since it isn't clear how to confirm the new release doesn't contain the CVE anyways, could we mark this as verification-done and accept it into Ubuntu Yakkety? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1643734 Title: privilege escalation via ptrace (CVE-2016-8659) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bubblewrap/+bug/1643734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
