oss-sec mailing list archives
Re: docker VMM breakout
From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 18 Jun 2014 15:25:28 +0200
On mer., 2014-06-18 at 20:15 +1000, David Jorm wrote:
Thanks for reporting this issue, Sebastian. Could a CVE ID please be assigned to this issue, given it affects Docker 0.11?
It also applies to LXC, where dropping CAP_DAC_OVERRIDE and CAP_DAC_SEARCH might not be completely possible if you're running a full system in a container (I'm not completely sure of that so any clue is welcome here). Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- docker VMM breakout Sebastian Krahmer (Jun 18)
- Re: docker VMM breakout David Jorm (Jun 18)
- Re: docker VMM breakout Yves-Alexis Perez (Jun 18)
- Re: docker VMM breakout Sven Kieske (Jun 18)
- Re: docker VMM breakout Daniel J Walsh (Jun 18)
- Re: docker VMM breakout gremlin (Jun 18)
- Re: docker VMM breakout Serge Hallyn (Jun 19)
- Re: docker VMM breakout Daniel J Walsh (Jun 20)
- Re: docker VMM breakout David Jorm (Jun 18)