Matto Fransen <ma...@matto.nl> writes:

> Hi,
>
> On Mon, Feb 07, 2011 at 11:40:47AM +1100, Trent W. Buck wrote:
>
>> >> In the container, I can use the mount command with the -oremount,rw
>> >> options and then edit the file from the container.
>> >
>> > So the bind read-only mounts are no protection against changing the
>> > filesystem of the container, but even makes it possible to corrupt the
>> > _host_ filesystem ...
>> >
>> >> Is there a way to disable that behavior and forbid the mount options
>> >
>> > Perhaps there should be a drop.caps possibility to prevent remounting
>> > from within the container.
>> >
> 8< -- cut --
>
>> Note that, obviously, this means all mounts must be done by
>> lxc.mount.entry or prior to starting LXC.
>
> Indeed.
>
> This is a problem with the sshd bind readonly containers, because
> lxc-init mounts /proc, /dev/shm and /dev/mqueue.
> With lxc.cap.drop=sys_admin it is therefore not possible to use
> lxc-init.
>
> Would this mean that lxc_setup_fs() should be removed from
> lxc_init.c and the mounting should be done through the config-file?

I'm not sure what you mean there, but I do mounting with lxc.mount (or lxc.mount.entry), i.e. within the lxc .conf file.

_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
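
An added example, not code from this thread or from the LXC project: a small Python check that reads an LXC config and reports the two conditions discussed above, read-only bind mounts left remountable because sys_admin is not dropped, and the lxc-init mounts that need an lxc.mount.entry once it is. The config text, container name and paths are constructed samples.

```python
# Added example: audit an LXC config for the two conditions raised in the thread.
# Config text, container name and paths are constructed samples.
INIT_MOUNTS = ("/proc", "/dev/shm", "/dev/mqueue")  # mounted by lxc-init, per the thread

WEAK = """
lxc.utsname = demo
lxc.mount.entry = /usr /var/lib/lxc/demo/rootfs/usr none ro,bind 0 0
"""
HARDENED = WEAK + """
lxc.cap.drop = sys_admin
lxc.mount.entry = proc /var/lib/lxc/demo/rootfs/proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = tmpfs /var/lib/lxc/demo/rootfs/dev/shm tmpfs defaults 0 0
lxc.mount.entry = mqueue /var/lib/lxc/demo/rootfs/dev/mqueue mqueue defaults 0 0
"""

def parse(conf):
    """Return (dropped capabilities, mount entries) from LXC config text."""
    caps, mounts = set(), []
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()      # strip comments
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "lxc.cap.drop":                 # space-separated, may repeat
            caps.update(value.lower().split())
        elif key == "lxc.mount.entry":            # fstab-style fields
            fields = value.split()
            if len(fields) >= 4:
                mounts.append({"dst": fields[1], "opts": set(fields[3].split(","))})
    return caps, mounts

def audit(conf):
    """Return a list of findings; an empty list means both conditions are covered."""
    caps, mounts = parse(conf)
    findings = []
    if "sys_admin" not in caps:
        # mount(8) -o remount,rw works inside the container while CAP_SYS_ADMIN is held
        for m in mounts:
            if {"ro", "bind"} <= m["opts"]:
                findings.append(f"{m['dst']}: ro bind mount is remountable rw (sys_admin not dropped)")
    else:
        # nothing inside the container can mount any more, so the config must do it
        for path in INIT_MOUNTS:
            if not any(m["dst"].endswith(path) for m in mounts):
                findings.append(f"{path}: needs an lxc.mount.entry (sys_admin dropped)")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(conf) or "ok")
```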