mirror of
https://git.proxmox.com/git/mirror_lxc
synced 2025-07-27 09:48:32 +00:00
1fb86a7cdc
The lxc configuration file currently supports 'lxc.cap.drop', a list of capabilities to be dropped (using the bounding set) from the container. The problem with this is that over time new capabilities are added. So an older container configuration file may, over time, become insecure. Walter has in the past suggested replacing lxc.cap.drop with lxc.cap.preserve, which would have the inverse sense - any capabilities in that set would be kept, any others would be dropped. Realistically both have the same problem - the sendmail capabilities bug proved that running code with unexpectedly dropped privilege can be dangerous. This patch gives the admin a choice: You can use either lxc.cap.keep or lxc.cap.drop, not both. Both continue to be ignored if a user namespace is in use. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> |
||
|---|---|---|
| .. | ||
| examples | ||
| legacy | ||
| rootfs | ||
| common_options.sgml.in | ||
| FAQ.txt | ||
| lxc-attach.sgml.in | ||
| lxc-cgroup.sgml.in | ||
| lxc-checkconfig.sgml.in | ||
| lxc-checkpoint.sgml.in | ||
| lxc-clone.sgml.in | ||
| lxc-console.sgml.in | ||
| lxc-create.sgml.in | ||
| lxc-destroy.sgml.in | ||
| lxc-device.sgml.in | ||
| lxc-execute.sgml.in | ||
| lxc-freeze.sgml.in | ||
| lxc-info.sgml.in | ||
| lxc-kill.sgml.in | ||
| lxc-ls.sgml.in | ||
| lxc-monitor.sgml.in | ||
| lxc-netstat.sgml.in | ||
| lxc-ps.sgml.in | ||
| lxc-restart.sgml.in | ||
| lxc-start-ephemeral.sgml.in | ||
| lxc-start.sgml.in | ||
| lxc-stop.sgml.in | ||
| lxc-top.sgml.in | ||
| lxc-unfreeze.sgml.in | ||
| lxc-unshare.sgml.in | ||
| lxc-version.sgml.in | ||
| lxc-wait.sgml.in | ||
| lxc.conf | ||
| lxc.conf.sgml.in | ||
| lxc.sgml.in | ||
| Makefile.am | ||
| see_also.sgml.in | ||