Re: Linux 3.2 in wheezy

On Feb 03, Bastian Blank <waldi@debian.org> wrote:

> > http://blog.bofh.it/debian/id_413
> This example shows nothing new. If you have CAP_SYS_MOUNT, you can also
> just mount the root filesystem into your own tree.
> Linux-VServer does not help against processes with too many
> capabilities, not sure about OpenVZ.
OpenVZ does: /sys is there but you cannot use it to influence the host
(because it was designed from the ground up to be secure).

> > > * how to execute a command in a running VM?  lxc-execute complains that the
> > Lack of something like VE_ENTER also makes it unsuitable for me.
> ssh works.
Not for my use case, I wrote a pam_vz module which removes the need to 
have sshd, ftpd and cron in guests.


