[Devel] Re: [patch 1/1][RFC] do not sys_reboot when not in init_pid_ns
Daniel Lezcano
dlezcano at fr.ibm.com
Tue Nov 4 14:14:14 PST 2008
Serge E. Hallyn wrote:
> Quoting Daniel Lezcano (dlezcano at fr.ibm.com):
>> Daniel Hokka Zakrisson wrote:
>>> Daniel Lezcano wrote:
>>>
>>> Wouldn't it be better to simply remove CAP_SYS_BOOT from containers
>>> until sys_reboot emits some signal to userspace to restart/halt the
>>> container? (This is what we do in Linux-VServer.)
>> Ok, I will try, thanks.
>>
>> BTW, isn't it possible that a process gives the CAP_SYS_BOOT capability back to
>> itself and is then able to shut down the host? I guess I should remove
>> CAP_SETPCAP too, no?
>
> No, remove it from your bounding set. You can never add bits back to
> that set. prctl(PR_CAPBSET_DROP, CAP_SYS_BOOT);
Tested with lxc and Debian minimal, I can halt/shutdown the container
from inside. Cool!
Thanks.
-- Daniel
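As an added example, not code from the thread or from lxc: the bounding-set drop Serge describes, issued from C with prctl(2) and read back with PR_CAPBSET_READ. It assumes Linux kernel headers and that the caller holds CAP_SETPCAP; without it the drop is refused with EPERM, which the code reports rather than hides.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <linux/capability.h>

/* Query the calling thread's capability bounding set.
 * Returns 1 if `cap` is present, 0 if it has been dropped, -1 on error. */
int capbset_has(int cap)
{
    return prctl(PR_CAPBSET_READ, (unsigned long)cap, 0, 0, 0);
}

/* Remove `cap` from the bounding set. The kernel offers no call to add a bit
 * back, and the set is inherited across fork() and execve(), so a container
 * init that does this before exec'ing its payload locks the bit out for good.
 * Requires CAP_SETPCAP; returns 0 on success or -errno (typically -EPERM). */
int capbset_drop(int cap)
{
    if (prctl(PR_CAPBSET_DROP, (unsigned long)cap, 0, 0, 0) == -1)
        return -errno;
    return 0;
}

/* The setup suggested in the thread: drop CAP_SYS_BOOT, then verify it is gone.
 * Returns 1 when the bit is absent afterwards (dropped now or already gone),
 * 0 when the drop was refused and the bit is still present, -1 on read error. */
int lock_out_sys_boot(void)
{
    int rc = capbset_drop(CAP_SYS_BOOT);
    if (rc != 0)
        fprintf(stderr, "PR_CAPBSET_DROP(CAP_SYS_BOOT): %s\n", strerror(-rc));
    int present = capbset_has(CAP_SYS_BOOT);
    if (present < 0)
        return -1;
    return present == 0;
}

int main(void)
{
    printf("CAP_SYS_BOOT in bounding set before: %d\n", capbset_has(CAP_SYS_BOOT));
    int locked = lock_out_sys_boot();
    printf("CAP_SYS_BOOT in bounding set after:  %d\n", capbset_has(CAP_SYS_BOOT));
    /* With the bit gone, reboot(2) from this process or any descendant fails
     * with EPERM whatever capabilities they later acquire, which is the
     * property the thread relies on instead of also dropping CAP_SETPCAP. */
    return locked == 1 ? 0 : 1;
}
```

Run it as container init (with CAP_SETPCAP) and the "after" line reads 0; run it as an ordinary user and you see the EPERM report, because the drop itself is a privileged operation.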