[lxc-devel] [PATCH 0/3] lxc-attach: Additional improvements

Christian Seiler christian at iwakd.de
Mon Mar 4 19:20:21 UTC 2013


Hi,

I've attached three additional patches for possible improvements to
lxc-attach.

The first two, I think, should be applied directly; they do the
following:

  1) Create a sane fallback to /bin/sh if it is impossible to detect
     the container's shell because of incompatible nss implementations
     between host and container

  2) Detect the user & group id of PID 1 and use that for lxc-attach
     instead of root, when attaching to user namespaces.

I'm not really sure about the security implications of the third
patch, so I'm sending it as a draft, but somebody who knows more about
the specifics should look over it.

  3) Add -u and -g options to lxc-attach to allow the user to specify
     user and group ids to setuid()/setgid() to when attaching.

     This feature could be really useful; on the other hand, I have
     only ever used lxc running as root (never tried lxc-setcap), so I
     have no idea whether this could pose a potential security problem
     or not. (When running as root, you have all the rights anyway, so
     then it's fine.) I'd like some feedback on this before I feel
     comfortable signing off on adding these options.

     Now if somebody tells me that attach is only possible as root
     anyway so far, then I don't have any qualms, but I'd rather be
     safe than sorry.

-- Christian
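The following C program is an added illustration of the mechanics behind items 1 and 2 above (and of the privilege-drop ordering that item 3 would need); it is not part of the patches or of the lxc source tree. The function names (parse_status_ids, read_pid_ids, resolve_shell, drop_to) and the SAMPLE_STATUS text are my own constructions, chosen to mirror the layout of /proc/<pid>/status for an init process whose uid/gid have been mapped to 100000 by a user namespace.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <pwd.h>
#include <grp.h>

/* Constructed sample of what /proc/1/status looks like for the init of a
 * container whose root is mapped to host uid/gid 100000 (not real data). */
const char *SAMPLE_STATUS =
    "Name:\tinit\n"
    "Pid:\t1\n"
    "Uid:\t100000\t100000\t100000\t100000\n"
    "Gid:\t100000\t100000\t100000\t100000\n";

/* Parse the real uid and gid out of the text of /proc/<pid>/status.
 * The "Uid:" and "Gid:" lines carry real, effective, saved and fs ids;
 * the first column is the real id, which is what an attach should adopt.
 * Returns 0 when both were found, -1 otherwise. */
int parse_status_ids(const char *status, uid_t *uid, gid_t *gid)
{
    int have_uid = 0, have_gid = 0;
    const char *line = status;

    while (line && *line) {
        unsigned long v;
        if (sscanf(line, "Uid: %lu", &v) == 1) {
            *uid = (uid_t)v;
            have_uid = 1;
        } else if (sscanf(line, "Gid: %lu", &v) == 1) {
            *gid = (gid_t)v;
            have_gid = 1;
        }
        line = strchr(line, '\n');
        if (line)
            line++;
    }
    return (have_uid && have_gid) ? 0 : -1;
}

/* Read and parse /proc/<pid>/status for a live process (item 2: the
 * container's PID 1, as seen from the host's pid namespace). */
int read_pid_ids(pid_t pid, uid_t *uid, gid_t *gid)
{
    char path[64], buf[4096];
    FILE *f;
    size_t n;

    snprintf(path, sizeof(path), "/proc/%d/status", (int)pid);
    f = fopen(path, "r");
    if (!f)
        return -1;
    n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_status_ids(buf, uid, gid);
}

/* Item 1: look up the login shell for uid via the passwd database and
 * fall back to /bin/sh when the lookup fails (for example because the
 * nss setup inside the container is incompatible with the host's) or
 * returns an empty shell field. */
const char *resolve_shell(uid_t uid, char *out, size_t outlen)
{
    struct passwd *pw = getpwuid(uid);

    if (pw && pw->pw_shell && pw->pw_shell[0] != '\0')
        snprintf(out, outlen, "%s", pw->pw_shell);
    else
        snprintf(out, outlen, "%s", "/bin/sh");
    return out;
}

/* Item 3: switch to the requested ids in the only safe order, namely
 * supplementary groups first, then gid, then uid, checking every return
 * value. After setuid() the process can no longer change its groups, so
 * doing it the other way round silently keeps the original groups. */
int drop_to(uid_t uid, gid_t gid)
{
    if (setgroups(0, NULL) < 0)
        return -1;
    if (setgid(gid) < 0)
        return -1;
    if (setuid(uid) < 0)
        return -1;
    /* Sanity check: if we gave up root, regaining it must now fail. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    uid_t uid = 0;
    gid_t gid = 0;
    char shell[256];

    if (parse_status_ids(SAMPLE_STATUS, &uid, &gid) == 0)
        printf("sample init runs as uid %lu gid %lu\n",
               (unsigned long)uid, (unsigned long)gid);
    if (read_pid_ids(1, &uid, &gid) == 0)
        printf("this host's pid 1 runs as uid %lu gid %lu\n",
               (unsigned long)uid, (unsigned long)gid);
    printf("shell for uid %lu: %s\n", (unsigned long)uid,
           resolve_shell(uid, shell, sizeof(shell)));
    return 0;
}
```

Running it as an unprivileged user prints the ids of the host's init and whatever shell the passwd database gives for that uid. drop_to() is only meaningful when started as root; the point of the final check is that a failed or misordered drop is reported rather than silently leaving the attached process with more privilege than the -u/-g options asked for.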
