Re: [PATCH] Add a file named cgroup.procs_stat in cgroup

From: Greg KH
Date: Fri May 04 2018 - 13:32:06 EST

Next message: Steven Sistare: "Re: [RFC] sched/core: Don't schedule threads on pre-empted vcpus"
Previous message: Mrs Mavis L. Wanczyk: "Charity Gift !!!"
In reply to: Peter Zijlstra: "Re: [PATCH] Add a file named cgroup.procs_stat in cgroup"
Next in thread: kbuild test robot: "Re: [PATCH] Add a file named cgroup.procs_stat in cgroup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 04, 2018 at 10:28:20PM +0800, zhangq95 wrote:
> When I run "cat /proc/stat" in a container, container will access
> host's file directly which is a security risk.

Why is this a "security risk"? What can be learned there that is
somehow "bad"?

thanks,

greg k-h

Next message: Steven Sistare: "Re: [RFC] sched/core: Don't schedule threads on pre-empted vcpus"
Previous message: Mrs Mavis L. Wanczyk: "Charity Gift !!!"
In reply to: Peter Zijlstra: "Re: [PATCH] Add a file named cgroup.procs_stat in cgroup"
Next in thread: kbuild test robot: "Re: [PATCH] Add a file named cgroup.procs_stat in cgroup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]