leaving setfcap in docker containers
Matthew Miller
mattdm at fedoraproject.org
Tue Oct 1 13:28:54 UTC 2013
On Mon, Sep 30, 2013 at 08:19:28AM -0400, Daniel J Walsh wrote:
> I plan on working on adding SELinux to wrap the docker container as we have
> done for the virt-sandbox containers, but we still allow a lot of privs to a
> privledged process within the container.
Do you have (or want?) a bugzilla entry to track that? Because I kind of see
that as a killer feature for our Docker implementation.
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the security
mailing list