On 11/01/16 23:36, Serge Hallyn wrote: > The lxc-attach weakness I mentioned does not apply to 'lxc exec', because > lxd interposes a pty between your console and the container's.
I understand that I could do the same (get a fresh PTY before attaching) with (for example): "screen lxc-attach ..." [1] Do you think it will be a good idea to patch lxc-attach to automatically do that (get a fresh PTY before attaching) ? Will this solve all know security issues regarding the usage of lxc-attach ? Or there is something more than I'm missing other than the PTY vulnerability? Regards. [1] https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html
signature.asc
Description: OpenPGP digital signature
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
