I noticed that lxc-attach does not run source /etc/profile and that is an issue since we set many environment variables and settings that are needed for what comes next. Is there a workaround?
On Wed, Jan 13, 2016 at 4:49 PM, Serge Hallyn <[email protected]> wrote: > Quoting Carlos Alberto Lopez Perez ([email protected]): > > On 11/01/16 23:36, Serge Hallyn wrote: > > > The lxc-attach weakness I mentioned does not apply to 'lxc exec', > because > > > lxd interposes a pty between your console and the container's. > > > > I understand that I could do the same (get a fresh PTY before attaching) > with > > (for example): "screen lxc-attach ..." [1] > > > > Do you think it will be a good idea to patch lxc-attach to automatically > do > > that (get a fresh PTY before attaching) ? > > Yes, I'd really like someone to do that. It's on my list, > but that list is pretty long. > > > Will this solve all know security issues regarding the usage of > lxc-attach ? > > I think so. > > > Or there is something more than I'm missing other than the PTY > vulnerability? > > > > > > Regards. > > > > [1] https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html > > > > > > > _______________________________________________ > > lxc-users mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-users > > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users >
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
