the container. In hole container there is no text where
this filename appears.
My question is now: Where does this filename came from? Is it
a security hole?
greetz
sfrazt
attach1:
container.config
lxc.utsname = b
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network
> I use up-to-date aptosid kernel (3.0.4) and tested the cgroup device access
> rights with rtc.
> test:
> - start with no rights for c 254 0 (rtc).
> - start container, terminal and become root (i deleted all rtc-files in
> container before)
> - mknod -600 rtc0 c 254 0 -> not permitted
> - on h
I use up-to-date aptosid kernel (3.0.4) and tested the cgroup device access
rights with rtc.
test:
- start with no rights for c 254 0 (rtc).
- start container, terminal and become root (i deleted all rtc-files in
container before)
- mknod -600 rtc0 c 254 0 -> not permitted
- on host: echo 'c 254
> > You are absolutely right.
> > The value comes from XAUTHORITY which is given to the container. Is
> > it a
> > wanted behaviour?
>
> I suppose this is coming from sysv init which does not take care of
> cleaning up the env variables (which is better because we can transmit
> env variables from
Daniel Lezcano schrieb am 8.09.11 13:56:
> > My question is now: Where does this filename came from? Is it
> > a security hole?
> >
> Is it possible that's coming from an environment variable ?
You are absolutely right.
The value comes from XAUTHORITY which is given to the container. Is it a
want
em is that HOSTUSER (my user account at host system
and gdm3 and the file doesn't should exist (and doesn't exist)
in the container. In hole container there is no text where
this filename appears.
My question is now: Where does this filename came from? Is it
a security hole?
greetz
again. But this is also not that what i want.
The application should simple behave as there is no more memory, so the
application decides what to do if it gets no more memory.
I hope somebody has a solution. Thx in advance for answer.
Greetz
sfrazt
