leaving setfcap in docker containers
Daniel J Walsh
dwalsh at redhat.com
Fri Oct 4 22:16:18 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/04/2013 04:27 PM, Matthew Miller wrote:
> On Mon, Sep 30, 2013 at 08:19:28AM -0400, Daniel J Walsh wrote:
>> I plan on working on adding SELinux to wrap the docker container as we
>> have done for the virt-sandbox containers, but we still allow a lot of
>> privs to a privledged process within the container.
>
> Another question, probably a dumb one. Will this work with the lxc-tools
> approach or just with libvirt-lxc?
>
>
We can work with it on the lxc version, but I am not sure if it will work easily.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlJPPjIACgkQrlYvE4MpobPn3wCgzB7ZbCdYsz3kZI+0pXPlue/a
DeMAoMrZ5xYuRW3XPZebUA/2o/RM/Ezm
=NRmo
-----END PGP SIGNATURE-----
More information about the security
mailing list