Ariadne Conill 🐰 on Nostr: new container escape vulnerability just dropped (specific to flatpak): ...
new container escape vulnerability just dropped (specific to flatpak):
https://www.openwall.com/lists/oss-security/2024/04/18/5it’s because flatpak is a shim on top of bwrap, and they forgot to use a — to stop getopt processing.
guess which other container ecosystem is a pile of shims on shims? 🙃
Published at
2024-05-05 18:07:40Event JSON
{
"id": "80957271297765cd22b8f42fc5a2718b6c64c59eda510d1140b36cbf66af2341",
"pubkey": "6717b79cc3b95a2983ba3d46d573879d609b53f354867e1eb24c2c87e0bd5fc0",
"created_at": 1714932460,
"kind": 1,
"tags": [
[
"proxy",
"https://social.treehouse.systems/users/ariadne/statuses/112389813741711973",
"activitypub"
]
],
"content": "new container escape vulnerability just dropped (specific to flatpak): https://www.openwall.com/lists/oss-security/2024/04/18/5\n\nit’s because flatpak is a shim on top of bwrap, and they forgot to use a — to stop getopt processing.\n\nguess which other container ecosystem is a pile of shims on shims? 🙃",
"sig": "0c26014436423479ad30754adf5cb6f365189da2c3db04403c876f294dd122d83b8f363ec01a896d15b927dfec4a7180ef495629e944bfa31548b58f092ab3ca"
}
