thanks for your infomation,Serge
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/645625
Title:
lxc container can power-off host machine
To manage notifications about this bug go to:
Quoting Lawrance (lawrancej...@gmail.com):
can somebody show we how to solve this problem with appamor, i install
openstack with lxc installed, and i can use echo b /proc/sysrq-trigger to
power-off host.
sorry,i'am newbie to appamor...
thanks
Openstack uses libvirt-lxc. The apparmor
can somebody show we how to solve this problem with appamor, i install
openstack with lxc installed, and i can use echo b /proc/sysrq-trigger to
power-off host.
sorry,i'am newbie to appamor...
thanks
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
Quoting maxadamo (645...@bugs.launchpad.net):
don't want to argue, but may I ask why you decided to tag the urgency of this
issue as low?
Because of the many ways that root in a container can mess with a host,
this is only one.
One can stop 30 containers and the host machine and the host
It's correct what you wrote.
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/645625
Title:
lxc container can power-off host machine
To manage notifications about this bug go
don't want to argue, but may I ask why you decided to tag the urgency of this
issue as low?
One can stop 30 containers and the host machine and the host machine, by
issuing a simple command on one of the containers and you say urgency is just
low? Wasn't it at least medium, if not high?
cheers.
This bug was fixed in the package lxc - 0.7.5-3ubuntu41
---
lxc (0.7.5-3ubuntu41) precise; urgency=low
* add lxc-shutdown command:
- 0060-lxc-shutdown: add the command to the source
- debian/lxc.upstart: use lxc-shutdown to shut down containers cleanly
-
This is partially solved by the new apparmor policy, and will be Closed
once the new apparmor mount restrictions are available and exploited in
the lxc apparmor policy (soon).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug
** Changed in: lxc (Ubuntu)
Status: Confirmed = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/645625
Title:
lxc container can power-off host machine
--
Ubuntu-server-bugs
Thanks for taking an interest and reporting this bug.
You can use LSMs to mitigate this to some extent. However the real
solution will be completion of the user namespace and proc filtering.
Both are well-known and substantial todo items.
I am marking this Triaged as (a) the proper solution is
10 matches
Mail list logo
