[lxc-devel] fix security holes when running lxc as non-root
Daniel Lezcano
dlezcano at fr.ibm.com
Mon Jul 12 12:56:42 UTC 2010
Thanks all for the feedbacks.
The following patchset provides an intermediate solution between
all the remarks about the security aspects when running lxc with
the capabilities.
It has the advantage to be compatible with the setuid bit root set
on the lxc-start and lxc-execute.
More work has to be done, but I prefer to send these patches now as
they are critical in terms of security.
More information about the lxc-devel
mailing list