Sunday, January 29, 2017

Flatpak 0.8.2 Security Fix Improves the Linux Application Sandboxing Framework

Flatpak developer Alex Larsson is announcing the release of the second bugfix and security update to the Flatpak 0.8 stable series, an open-source project that provides a Linux application sandboxing and distribution framework, formerly XDG-App.

Flatpak 0.8.2 is a security fix release that needs to be installed on your computer immediately, as it addresses a critical bug where various of the bind-mounts the framework implements on your system could have been modified. These include system fonts, extensions, machine-id, localtime, and resolv.conf.

"Some of the bind-mounts that flatpak sets up were not read-only as they should have. This includes: extensions, system fonts, resolv.conf, localtime, and machine-id. Many of these are typically only writable by root, but some, like the user-specific fonts and user-installed extensions could be modified from the sandbox," said Alex Larsson.

DRI ac... (read more)

from Softpedia News / Linux http://ift.tt/2jHtx2u
via IFTTT
at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Playing Grand Theft Auto Inside A Neural Network’s Hallucination? It’s Possible!

Ever imagined what a Neural Network's hallucination would look like? The post Playing Grand Theft Auto Inside A Neural Network’s Halluc...