Package: docker.io
Version: 1.3.3~dfsg1-1
Severity: serious

Here's a system that was upgraded to unstable but not yet rebooted into the new
kernel.

root@clam:~>uname -a
Linux clam 3.2.0-4-amd64 #1 SMP Debian 3.2.54-2 x86_64 GNU/Linux
root@clam:~>touch /hello-host
root@clam:~>docker exec oldusenet-shellbox.clam.kitenet.net.propellor ls /hello-host
/hello-host

This is pretty horrible! Note that only docker exec behaves this way;
docker run and docker attach operate with the filesystem correctly chrooted
to the container.

Also, it seems that not only the filesystem, but process namespacing is broken.

root@clam:~>docker exec oldusenet-shellbox.clam.kitenet.net.propellor ps -ax |grep grep
20600 pts/4    S+     0:00 grep grep

I didn't check network namespacing, but my guess is docker fails
to enter any namespace because of the old kernel, and then fails to
propagate the error because Fail.

There does not seem to be anything interesting in docker.log.

I have filed this severity serious as a compromise. I think this bug could
cause data loss. Using docker exec to do part of a container's deployment,
and deploying changes to the host system could result in arbitrary horrible
effects, up to and including removing files from the host system. However,
in my case, I luckily was deploying a new system, so I can throw away
the resulting mess.

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages docker.io depends on:
ii  adduser              3.113+nmu3
ii  init-system-helpers  1.22
ii  iptables             1.4.21-2+b1
ii  libapparmor1         2.9.0-3
ii  libc6                2.19-13
ii  libdevmapper1.02.1   2:1.02.90-2
ii  libsqlite3-0         3.8.7.4-1
ii  perl                 5.20.1-4

Versions of packages docker.io recommends:
ii  aufs-tools       1:3.2+20130722-1.1
ii  ca-certificates  20141019
ii  cgroupfs-mount   1.1
ii  git              1:2.1.4-2
ii  xz-utils         5.1.1alpha+20120614-2+b3

Versions of packages docker.io suggests:
pn  btrfs-tools  <none>
ii  debootstrap  1.0.66
pn  lxc          <none>
pn  rinse        <none>

-- no debconf information

-- 
see shy jo
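
A guard for the deployment scenario described in the report, as an added example that is not part of the original message or of docker: it compares the namespace identifiers the host sees with those seen by a process started through docker exec, and refuses to run the real command if they match or cannot be read. DOCKER, HOST_NS, exec_is_isolated and guarded_exec are names made up for this example, and it assumes readlink is available inside the container image.

```shell
#!/bin/sh
# Added example. /proc/<pid>/ns/<type> is a symlink such as
# "mnt:[4026531840]"; two processes share a namespace exactly when the
# link targets are equal.
# DOCKER and HOST_NS are hypothetical override hooks so the check can be
# exercised without a running daemon.
DOCKER=${DOCKER:-docker}
HOST_NS=${HOST_NS:-/proc/self/ns}

# exec_is_isolated CONTAINER [TYPE...]   (default types: mnt pid)
#   0: every listed namespace differs between host and exec'd process
#   1: at least one namespace is the host's (the behaviour in the report)
#   2: an identifier could not be read on one side; treated as failure,
#      since a kernel that cannot show the namespace cannot prove isolation
exec_is_isolated() {
    ctr=$1; shift
    [ $# -gt 0 ] || set -- mnt pid
    for t in "$@"; do
        host_id=$(readlink "$HOST_NS/$t") || return 2
        exec_id=$("$DOCKER" exec "$ctr" readlink "/proc/self/ns/$t") || return 2
        [ -n "$host_id" ] && [ -n "$exec_id" ] || return 2
        if [ "$host_id" = "$exec_id" ]; then
            echo "refusing: $t namespace of 'docker exec' is the host's ($host_id)" >&2
            return 1
        fi
    done
}

# guarded_exec CONTAINER CMD...
# Runs CMD through docker exec only after the isolation check has passed,
# so a deployment step cannot silently land on the host filesystem.
guarded_exec() {
    ctr=$1; shift
    exec_is_isolated "$ctr" || return $?
    "$DOCKER" exec "$ctr" "$@"
}
```

A container deliberately started with a shared host namespace needs the type list narrowed, for example exec_is_isolated NAME mnt.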
