http://bugzilla.suse.com/show_bug.cgi?id=1131084
http://bugzilla.suse.com/show_bug.cgi?id=1131084#c15
Aleksa Sarai changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |asarai@suse.com
--- Comment #15 from Aleksa Sarai ---
I know I'm late to the party here, but I would suggest you shouldn't be
mounting /proc yourself inside a container -- especially if you are running
privileged code. There are all sorts of container escapes that can occur if you
have a /proc mount without any masked paths (for instance,
/proc/sysrq-trigger).
Instead, if you really need it for a chroot(2) then you should rbind-mount the
host's /proc (which does have all of correct parts mounted-over).
--
You are receiving this mail because:
You are on the CC list for the bug.