To disable the ability to trigger a reboot of the host system by sending "b" to /proc/sysrq-trigger inside a container, I've dropped CAP_SYS_ADMIN and set the /proc mount point read-only.

I'm interested in what other capabilities are recommended to drop when using LXC as a system container.

Thanks,
Christoph

On 04/19/2011 01:01 PM, richard -rw- weinberger wrote:
> On Tue, Mar 22, 2011 at 10:20 AM, Nathan McSween <nwmcsw...@gmail.com> wrote:
>> Can I get a quick rundown of what is implemented w.r.t UID/GID
>> containerization, is it safe yet to give containerized root to an
>> everyday user without huge security issues?
>
> Drop all dangerous capabilities and mount /proc read-only.
>
> HTH,
> //richard
>
>> _______________________________________________
>> Lxc-devel mailing list
>> Lxc-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/lxc-devel
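The two measures discussed in this thread (dropping capabilities from the container's bounding set and mounting /proc read-only) can be verified from inside the container rather than trusted from the config file. The script below is an added example, not code from the thread or from the LXC project: it decodes the CapBnd mask from a /proc/<pid>/status dump, lists which of a watched set of capabilities are still present, checks whether the proc filesystem on /proc carries the "ro" option, and prints the config stanza it expects. Assumptions: the capability bit numbers are those of <linux/capability.h>; the lxc.cap.drop and lxc.mount.entry keys follow LXC's config syntax, with the rootfs path /var/lib/lxc/vm0/rootfs being a placeholder; the list of watched capabilities is this example's own starting point, not a recommendation from the thread; and the status and mounts samples are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not code from the lxc-devel thread or from LXC itself.
# Checks a container's capability bounding set and /proc mount options
# from text in the format of /proc/<pid>/status and /proc/mounts.
# On a live container, call report with the output of
#   cat /proc/1/status   and   cat /proc/mounts
# taken from inside the container.

# Capability numbers from <linux/capability.h>.
CAP_SYS_MODULE=16
CAP_SYS_RAWIO=17
CAP_SYS_ADMIN=21
CAP_SYS_BOOT=22
CAP_SYS_TIME=25
CAP_MKNOD=27
CAP_MAC_OVERRIDE=32
CAP_MAC_ADMIN=33

# Capabilities to report on. Which ones are "dangerous" for a given
# workload is a judgement call; this list is an assumption of the example.
WATCHED_CAPS="sys_module:$CAP_SYS_MODULE sys_rawio:$CAP_SYS_RAWIO \
sys_admin:$CAP_SYS_ADMIN sys_boot:$CAP_SYS_BOOT sys_time:$CAP_SYS_TIME \
mknod:$CAP_MKNOD mac_override:$CAP_MAC_OVERRIDE mac_admin:$CAP_MAC_ADMIN"

# capbnd_of STATUS_TEXT -> the hex mask from the "CapBnd:" line
capbnd_of() {
    printf '%s\n' "$1" | sed -n 's/^CapBnd:[[:space:]]*//p'
}

# cap_in_mask HEXMASK BIT -> prints 1 if that capability bit is set, else 0
cap_in_mask() {
    printf '%d\n' $(( (0x$1 >> $2) & 1 ))
}

# caps_still_present HEXMASK -> names of watched capabilities still in the mask
caps_still_present() {
    out=""
    for entry in $WATCHED_CAPS; do
        name=${entry%%:*}
        bit=${entry##*:}
        if [ "$(cap_in_mask "$1" "$bit")" = 1 ]; then
            out="$out${out:+ }$name"
        fi
    done
    printf '%s\n' "$out"
}

# proc_is_ro MOUNTS_TEXT -> 1 if the proc filesystem on /proc has the ro option
proc_is_ro() {
    opts=$(printf '%s\n' "$1" | awk '$2 == "/proc" && $3 == "proc" { print $4 }')
    case ",$opts," in
        *,ro,*) echo 1 ;;
        *)      echo 0 ;;
    esac
}

# hardened_config_stanza ROOTFS -> the lxc config lines this check expects.
# Note that a read-only /proc also makes /proc/sys read-only inside the
# container, so anything that writes sysctls there will fail.
hardened_config_stanza() {
    cat <<EOF
lxc.cap.drop = sys_module sys_rawio sys_admin sys_boot sys_time
lxc.mount.entry = proc $1/proc proc ro,nodev,noexec,nosuid 0 0
EOF
}

# report STATUS_TEXT MOUNTS_TEXT -> human-readable summary
report() {
    mask=$(capbnd_of "$1")
    printf 'CapBnd %s, watched caps still present: %s\n' \
        "$mask" "$(caps_still_present "$mask")"
    printf '/proc mounted read-only: %s\n' "$(proc_is_ro "$2")"
}

# Constructed samples: an unrestricted bounding set (bits 0..36) and one
# with sys_module, sys_rawio, sys_admin, sys_boot and sys_time cleared.
FULL_STATUS="Name:   init
CapBnd: 0000001fffffffff"
HARDENED_STATUS="Name:   init
CapBnd: 0000001ffd9cffff"
RW_MOUNTS="proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0"
RO_MOUNTS="proc /proc proc ro,nosuid,nodev,noexec,relatime 0 0"

report "$FULL_STATUS" "$RW_MOUNTS"
report "$HARDENED_STATUS" "$RO_MOUNTS"
hardened_config_stanza /var/lib/lxc/vm0/rootfs
```

The hardened sample still reports mknod, mac_override and mac_admin as present, which is the point of running the check: the bounding set is what the kernel enforces, and it only reflects what the config actually dropped, so the output is the list to compare against whatever answer this thread's question eventually gets.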