On Jul 15, 2011 12:01 PM, "Michael H. Warfield" <m...@wittsend.com> wrote:
>
> Unfortunately, I also still find that if there's a -o remount,ro in the
> halt/reboot script, it still sets /dev/pts to ro and that still
> propagates to the host and to the other containers triggering random
> acts of terrorism like "unable to create pty/0" in the containers and
> inability to start new containers in the host.  Not sure if we can apply
> a bind to that or not.

Doesn't the `-o newinstance` mount option for devpts mounts prevent this?  It
should privatize the devices for each ... it's best to mount the host this way
too -- then set a symlink for each:

/dev/ptmx -> /dev/pts/ptmx

> The kernel should also prohibit, totally, the propagation of remount
> options from inside a container to the outer host or to other
> containers.  That is tantamount to a security vulnerability and clearly
> a violation of container isolation.

But not all use cases are system containers, e.g. 100% isolated.  Isn't a
slave mount enough to prevent this?  I'd have to check but I *thought* bind
mounts only responded to the `ro` flag ... and the new mount NS I'd think
would play a role too ... not sure details offhand.

C Anthony [mobile]
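
A way to check for the condition discussed in this thread, added here as an example and not part of either message: it reads mountinfo-format text (proc(5)) and reports, for each devpts mount, its device id, per-mount and superblock read-only state, and propagation type. The sample input and the function names are constructed for illustration; the check relies on mounts with the same major:minor sharing one superblock.

```shell
#!/bin/sh
# SAMPLE_MOUNTINFO is constructed for illustration, not captured from a real host.
# Mounts 25 and 90 share device 0:11 (one devpts instance); mount 95 has its own.
SAMPLE_MOUNTINFO='22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
25 22 0:11 / /dev/pts rw,nosuid,noexec,relatime shared:3 - devpts devpts ro,gid=5,mode=620,ptmxmode=000
90 22 0:11 / /var/lib/lxc/c1/rootfs/dev/pts ro,relatime master:3 - devpts devpts ro,gid=5,mode=620,ptmxmode=000
95 22 0:40 / /var/lib/lxc/c2/rootfs/dev/pts rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666'

# devpts_audit: read mountinfo on stdin, print one line per devpts mount:
#   <mountpoint> dev=<maj:min> mount=<rw|ro> sb=<rw|ro> prop=<shared|slave|private>
devpts_audit() {
    awk '{
        # Optional fields (shared:N, master:N, ...) run from field 7 to the "-" separator.
        prop = "private"; sep = 0
        for (i = 7; i <= NF; i++) {
            if ($i == "-") { sep = i; break }
            if ($i ~ /^shared:/) prop = "shared"
            else if ($i ~ /^master:/ && prop != "shared") prop = "slave"
        }
        if (!sep || $(sep + 1) != "devpts") next
        # Field 6 holds per-mount options, field sep+3 the superblock options;
        # each list starts with rw or ro.
        split($6, m, ","); split($(sep + 3), s, ",")
        printf "%s dev=%s mount=%s sb=%s prop=%s\n", $5, $3, m[1], s[1], prop
    }'
}

# devpts_shared_instances: print "<maj:min> <count>" for every device id that
# backs more than one devpts mount (superblock state is common to all of them).
devpts_shared_instances() {
    devpts_audit | awk '{ n[$2]++ } END { for (d in n) if (n[d] > 1) print substr(d, 5), n[d] }'
}

# devpts_readonly: print mount points whose devpts superblock is read-only.
devpts_readonly() {
    devpts_audit | awk '$4 == "sb=ro" { print $1 }'
}

# Run the audit over the constructed sample.
printf '%s\n' "$SAMPLE_MOUNTINFO" | devpts_audit
```

On a live system the same functions can be fed `/proc/self/mountinfo`, for example `devpts_audit < /proc/self/mountinfo`.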