Quoting Fiedler Roman (roman.fied...@ait.ac.at): > Hello List, > > I have problems finding information about lxc with system virtualization and > access restriction to /proc/kcore. In my setup, root in guest can read > /proc/kcore, data from host shows up in container kcore, so kcore is not > somehow faked/virtualized. > > I did not find no suitable information about securing /proc use inside > container, so perhaps someone could point me to information to these > questions? > > * Is secure /proc use (no escape, no major host/container or inter-container > info leaks) inside guest possible?
ATM I recommend you use an LSM to do that. -serge ------------------------------------------------------------------------------ Systems Optimization Self Assessment Improve efficiency and utilization of IT resources. Drive out cost and improve service delivery. Take 5 minutes to use this Systems Optimization Self Assessment. http://www.accelacomm.com/jaw/sdnl/114/51450054/ _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
