Seems the directory /sys/fs/cgroup/cgmanager is directly mounted from the host, so any container can simply remove the cgmanager socket on the host from inside the container:

    # rm /sys/fs/cgroup/cgmanager/sock

I guess this should not be possible?
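
A way to check for the condition reported above, as an added example that is not part of the original report or of the project's code: it reads mountinfo text and reports whether the cgmanager directory is mounted writable, read-only or not at all. The function name and the sample mountinfo lines are assumptions constructed for illustration; only the path comes from the report.

```shell
#!/bin/sh
# Added example (not from the original report): classify how the cgmanager
# directory is mounted, using mountinfo text as seen from inside a container.
CGM_DIR=/sys/fs/cgroup/cgmanager   # path taken from the report

# Prints "absent", "read-only" or "writable" for the mount at $CGM_DIR.
# $1: mountinfo file to read ("-" for stdin); defaults to /proc/self/mountinfo.
cgmanager_mount_state() {
    awk -v dir="$CGM_DIR" '
        # True when the comma-separated option list contains the token "ro".
        function has_ro(opts,    n, i, a) {
            n = split(opts, a, ",")
            for (i = 1; i <= n; i++) if (a[i] == "ro") return 1
            return 0
        }
        # Field 5 is the mount point, field 6 the per-mount options and the
        # last field the superblock options. A later line for the same mount
        # point shadows earlier ones, so the last match wins.
        $5 == dir { state = (has_ro($6) || has_ro($NF)) ? "read-only" : "writable" }
        END { if (state == "") state = "absent"; print state }
    ' "${1:-/proc/self/mountinfo}"
}

# Constructed sample lines (mount IDs, device numbers and options are made up).
SAMPLE_RW='101 90 0:25 /cgmanager /sys/fs/cgroup/cgmanager rw,relatime - tmpfs none rw,size=100k'
SAMPLE_RO='101 90 0:25 /cgmanager /sys/fs/cgroup/cgmanager ro,relatime - tmpfs none rw,size=100k'
SAMPLE_NONE='30 25 0:24 / /sys/fs/cgroup rw,nosuid - tmpfs tmpfs rw,mode=755'

for sample in "$SAMPLE_RW" "$SAMPLE_RO" "$SAMPLE_NONE"; do
    printf '%s\n' "$sample" | cgmanager_mount_state -
done
```

Run `cgmanager_mount_state` with no argument inside a container to inspect its real mount table. Mount flags are only one layer: file permissions and user namespace mappings also decide whether an unlink succeeds.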