[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lxc-devel
Subject:    [lxc-devel] fix security holes when running lxc as non-root
From:       dlezcano () fr ! ibm ! com (Daniel Lezcano)
Date:       2010-07-12 12:56:42
Message-ID: 1278939408-4086-1-git-send-email-dlezcano () fr ! ibm ! com
[Download RAW message or body]

Thanks all for the feedbacks.

The following patchset provides an intermediate solution between
all the remarks about the security aspects when running lxc with
the capabilities.

It has the advantage to be compatible with the setuid bit root set
on the lxc-start and lxc-execute.

More work has to be done, but I prefer to send these patches now as
they are critical in terms of security.




[prev in list] [next in list] [prev in thread] [next in thread]