Thanks for taking an interest and reporting this bug. You can use LSMs to mitigate this to some extent. However the real solution will be completion of the user namespace and proc filtering. Both are well-known and substantial todo items.
I am marking this Triaged as (a) the proper solution is known, and (b) the community is slowly but surely addressing it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/645625 Title: lxc container can power-off host machine -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
