Quoting Ferenc Wagner (wf...@niif.hu):
> Daniel Lezcano <daniel.lezc...@free.fr> writes:
>
> > The lxc tools can be run as non-root with all the needed capabilities
> > set by lxc-setcap via the file capabilities. The command run by lxc
> > won't have these privileges of course.
>
> I've always regarded such setups as a root shell by design, as it lets
> any user mount a filesystem containing a setuid root shell, then create
> another on some outside filesystem.
> Or is there anything in place to prevent that?
We really really need to get the user namespaces more advanced, so that
the container ends up with capabilities targeted to his namespaces, but
no capabilities on the host.

Eric's userid-namespaces-over-unix-sock patch is finally in net-next, and
can be seen as a step in the right direction. (It will prevent root in a
container from being seen as privileged by dbus/upstart)

-serge

_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
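A host-side audit prompted by the exchange above, added here as an example and not code from the thread or from the LXC project: it reads getcap-style output and flags every binary whose file capability set includes a capability that lets the caller mount filesystems or create device nodes, which is the class of grant Ferenc's concern is about. The sample getcap lines and the capability list are constructed assumptions, and the parser assumes the older libcap output form `path = caps+flags`.

```shell
#!/bin/sh
# Constructed sample in the older `getcap -r` output format (not real host data).
SAMPLE_GETCAP='/usr/bin/lxc-start = cap_sys_admin,cap_net_admin,cap_sys_chroot,cap_mknod+ep
/usr/bin/lxc-execute = cap_sys_admin,cap_net_admin+ep
/usr/bin/ping = cap_net_raw+ep
/usr/bin/lxc-ls = cap_dac_read_search+ep'

# Assumed list of capabilities that let the holder mount filesystems, create
# device nodes or otherwise bypass DAC; these are the ones the thread argues
# make a file-capability grant equivalent to a root shell for the caller.
ROOT_EQUIV_CAPS='cap_sys_admin cap_mknod cap_sys_module cap_dac_override cap_setuid'

# audit_file_caps: read getcap lines on stdin ("<path> = <cap,cap,...>+<flags>")
# and print "<path> <cap>" for each root-equivalent capability found.
audit_file_caps() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        path=${line%% = *}
        caps=${line#* = }
        caps=${caps%%+*}            # strip the +ep / +eip flag suffix
        for cap in $ROOT_EQUIV_CAPS; do
            case ",$caps," in
                *",$cap,"*) printf '%s %s\n' "$path" "$cap" ;;
            esac
        done
    done
}

# count_flagged: number of root-equivalent grants found in the sample
# (on a real host: getcap -r /usr/bin 2>/dev/null | audit_file_caps).
count_flagged() {
    printf '%s\n' "$SAMPLE_GETCAP" | audit_file_caps | wc -l | tr -d ' '
}

# flagged_paths: the distinct binaries that carry at least one such grant.
flagged_paths() {
    printf '%s\n' "$SAMPLE_GETCAP" | audit_file_caps | cut -d' ' -f1 | sort -u
}
```

Each flagged path is a binary any local user can run with mount or mknod capability in its effective set, so it deserves the same review as a setuid root binary.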