2 matches found
podman: Containers run as non-root users do not drop capabilities
It has been discovered that podman does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container...
jakarta-commons-daemon: jsvc does not drop capabilities allowing access to files and directories owned by the superuser
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for...