JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to an abstract domain socket and guess the JUJU_CONTEXT_ID value. This gives the unprivileged user access to the same information and tools as the Juju charm.
A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Juju | Canonical | * | 2.9.51 (excluding) |
Juju | Canonical | 3.1.0 (including) | 3.1.10 (excluding) |
Juju | Canonical | 3.2.0 (including) | 3.2.4 (excluding) |
Juju | Canonical | 3.3.0 (including) | 3.3.7 (excluding) |
Juju | Canonical | 3.4 (including) | 3.4.6 (excluding) |
Juju | Canonical | 3.5.0 (including) | 3.5.4 (excluding) |
Juju | Ubuntu | snap | * |
Juju | Ubuntu | upstream | * |