Hi,

On Mon, Feb 07, 2011 at 11:40:47AM +1100, Trent W. Buck wrote:
> >> In the container, I can use the mount command with the -oremount,rw
> >> options and then edit the file from the container.
> >
> > So the bind read-only mounts are no protection against changing the
> > filesystem of the container, but even makes it possible to corrupt the
> > _host_ filesystem ...
> >
> >> Is there a way to disable that behavior and forbid the mount options
> >
> > Perhaps there should be a drop.caps possibility to prevent remounting
> > from within the container.
>

8< -- cut --

> Note that, obviously, this means all mounts must be done by
> lxc.mount.entry or prior to starting LXC.

Indeed. This is a problem with the sshd bind readonly containers,
because lxc-init mounts /proc, /dev/shm and /dev/mqueue. With
lxc.cap.drop=sys_admin it is therefore not possible to use lxc-init.

Would this mean that lxc_setup_fs() should be removed from lxc_init.c
and the mounting should be done through the config-file?

Cheers,

Matto
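The two conditions discussed in this message can be checked mechanically against a container config. The following is an added example, not code from the thread or from the LXC project: it flags read-only bind mounts that stay remountable because sys_admin is not dropped, and, when sys_admin is dropped, lists which of the mounts lxc-init would have done are missing from lxc.mount.entry. The function names, the rootfs path and both sample configs are constructed for illustration.

```python
# Mount points that lxc-init sets up itself, as stated in the thread.
INIT_MOUNTS = ("/proc", "/dev/shm", "/dev/mqueue")

def parse_lxc_config(text):
    """Return (dropped capabilities, mount entries) from LXC config text."""
    caps, mounts = set(), []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "lxc.cap.drop":
            caps.update(c.lower() for c in value.split())
        elif key == "lxc.mount.entry":
            fields = value.split()  # fstab layout: source target fstype options ...
            if len(fields) >= 4:
                mounts.append({"target": fields[1],
                               "options": set(fields[3].split(","))})
    return caps, mounts

def audit(text):
    """Return a list of (finding, path) tuples for one config."""
    caps, mounts = parse_lxc_config(text)
    findings = []
    if "sys_admin" not in caps:
        # Container root keeps the capability needed for mount -o remount,rw.
        for m in mounts:
            if {"ro", "bind"} <= m["options"]:
                findings.append(("remountable", m["target"]))
    else:
        # lxc-init can no longer mount these, so the config has to.
        for path in INIT_MOUNTS:
            if not any(m["target"].endswith(path) for m in mounts):
                findings.append(("missing-mount", path))
    return findings

ROOTFS = "/var/lib/lxc/example/rootfs"  # constructed placeholder path

# Constructed sample: read-only bind mounts, no capability dropped.
WEAK = f"""
lxc.mount.entry = /lib {ROOTFS}/lib none ro,bind 0 0
lxc.mount.entry = /usr {ROOTFS}/usr none ro,bind 0 0
"""

# Constructed sample: sys_admin dropped, only /proc declared in the config.
HARDENED = f"""
lxc.cap.drop = sys_admin
lxc.mount.entry = /lib {ROOTFS}/lib none ro,bind 0 0
lxc.mount.entry = proc {ROOTFS}/proc proc nodev,noexec,nosuid 0 0
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg))
```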
_______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users