Y
Hacker News
new
|
ask
|
show
|
jobs
by
uvuv
2401 days ago
That's an option, an actually what LXD does. It's better then just chrooting, though in the case of this vulnerability even if docker-tar entered the mount NS, the exploit will still work.