Getting openpty called in the container would solve a lot of problems
for us but it's not possible to do in a safe way as it'd effectively
rely on the container's filesystem which the container user can change
or fake at will, allowing for attacks on the host's C library and LXD
itself.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1641236
Title:
Confined processes inside container cannot fully access host pty
device passed in by lxc exec
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1641236/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
