[lxc-users] Question about lxc-container-default-with-nesting profile
Hirokuni Kim
kim at circleci.com
Fri Feb 12 13:18:39 UTC 2016
Hi,
I have a question about the security implication about one line in
lxc-container-default-with-nesting profile.
There is a line `mount fstype=proc -> /var/cache/lxc/**,` in the profile
and in my understanding, the line allows LXC container to mount the /proc
of host machine. If this is correct, why is this ok to allow?
Thanks,
Kim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160212/54dc6907/attachment-0001.html>
More information about the lxc-users
mailing list