Branch: refs/heads/staging
Home: https://github.com/lxc/lxc
Commit: 1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4
https://github.com/lxc/lxc/commit/1fb86a7cdc22d22b14d03eb0cbd1aa6702862dd4
Author: Serge Hallyn <serge.hal...@ubuntu.com>
Date: 2013-09-05 (Thu, 05 Sep 2013)
Changed paths:
M doc/lxc.conf.sgml.in
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/confile.c
Log Message:
-----------
introduce lxc.cap.keep

The lxc configuration file currently supports 'lxc.cap.drop', a list of
capabilities to be dropped (using the bounding set) from the container.
The problem with this is that over time new capabilities are added. So
an older container configuration file may, over time, become insecure.

Walter has in the past suggested replacing lxc.cap.drop with
lxc.cap.preserve, which would have the inverse sense - any capabilities
in that set would be kept, any others would be dropped.

Realistically both have the same problem - the sendmail capabilities
bug proved that running code with unexpectedly dropped privilege can be
dangerous. This patch gives the admin a choice: You can use either
lxc.cap.keep or lxc.cap.drop, not both.

Both continue to be ignored if a user namespace is in use.

Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
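
Added example, not part of the commit or of LXC's code: a small C model of the bounding set left by a drop list versus a keep list when the same configuration is later run on a kernel that knows more capabilities. The helper names, the sample lists and the two last-capability values (33 and 39) are assumptions made for illustration; the capability numbers are the kernel's.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Capability numbers from the kernel's linux/capability.h. */
enum { C_CHOWN = 0, C_SETGID = 6, C_SETUID = 7, C_NET_BIND_SERVICE = 10,
       C_SYS_MODULE = 16, C_SYS_TIME = 25, C_MAC_ADMIN = 33,
       C_SYSLOG = 34, C_BPF = 39 };

/* Bit mask of every capability 0..last_cap known to the running kernel. */
static uint64_t all_caps(int last_cap) {
    return (last_cap >= 63) ? ~0ULL : ((1ULL << (last_cap + 1)) - 1);
}

/* Bit mask of the capabilities named in a configuration list. */
static uint64_t list_mask(const int *caps, size_t n) {
    uint64_t m = 0;
    for (size_t i = 0; i < n; i++)
        if (caps[i] >= 0 && caps[i] < 64) m |= 1ULL << caps[i];
    return m;
}

/* Drop-list semantics: everything the kernel knows stays unless listed. */
uint64_t bounding_after_drop(const int *drop, size_t n, int last_cap) {
    return all_caps(last_cap) & ~list_mask(drop, n);
}

/* Keep-list semantics: only listed capabilities stay, all others are dropped. */
uint64_t bounding_after_keep(const int *keep, size_t n, int last_cap) {
    return all_caps(last_cap) & list_mask(keep, n);
}

int has_cap(uint64_t set, int cap) { return (int)((set >> cap) & 1); }

/* Constructed sample lists, not taken from any shipped LXC configuration. */
const int sample_drop[] = { C_SYS_MODULE, C_SYS_TIME, C_MAC_ADMIN };
const int sample_keep[] = { C_CHOWN, C_SETGID, C_SETUID, C_NET_BIND_SERVICE };

int main(void) {
    /* Same lists evaluated where the last capability is 33, then 39. */
    for (int last = 33; last <= 39; last += 6) {
        uint64_t d = bounding_after_drop(sample_drop, 3, last);
        uint64_t k = bounding_after_keep(sample_keep, 4, last);
        printf("last_cap=%d drop-list: syslog=%d bpf=%d | keep-list: syslog=%d bpf=%d\n",
               last, has_cap(d, C_SYSLOG), has_cap(d, C_BPF),
               has_cap(k, C_SYSLOG), has_cap(k, C_BPF));
    }
    return 0;
}
```

With the drop list, capabilities numbered above the ones the list was written against stay in the bounding set on the newer kernel; with the keep list the resulting set is identical on both.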