seems directory /sys/fs/cgroup/cgmanager is directly mounted from host, so any container can simply remove the cgmanager socket on the host from inside the container:
# rm /sys/fs/cgroup/cgmanager/sock I guess this should not be possible? _______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
