Re: Linux 3.2 in wheezy
thanks for these infos!
On Montag, 30. Januar 2012, Marco d'Itri wrote:
> Let's start with this: in its current form, it is not designed to
> protect the host system from an untrusted root user in a guest.
> So far lxc is nice for testing, but not much more.
would you mind filing a bug about this?! Refering to your blog post is nice,
but it's harder to track and to subscribe to.
> > * how to execute a command in a running VM? lxc-execute complains that
> > the
> Lack of something like VE_ENTER also makes it unsuitable for me.
eek, me too. Another bug.
> > container is busy, forcing it results in processes in both sessions not
> > seeing each other (ie, they end up in different cgroups instead of
> > entering the existing one).
> AFAIK there is still no way to attach a process to an existing cgroup,
> so you need to have a sshd in the guest.