Re: [PATCH] Add a file named cgroup.procs_stat in cgroup

From: Greg KH
Date: Fri May 04 2018 - 13:32:06 EST


On Fri, May 04, 2018 at 10:28:20PM +0800, zhangq95 wrote:
> When I run "cat /proc/stat" in a container, container will access
> host's file directly which is a security risk.

Why is this a "security risk"? What can be learned there that is
somehow "bad"?

thanks,

greg k-h