Details
-
Type:
Bug
-
Status: Verified
-
Priority:
Major
-
Resolution: Fixed
-
Fix Version/s: Vz7.0-Beta2
-
Component/s: Containers::Kernel
-
Security Level: Public
-
Environment:Operating System: Other
Platform: All
-
External issue URL:
-
External issue ID:2061
Description
Long ago there was a bug in OpenVZ bugzilla (OVZ-5192) where we decided to allow host to view connections of all Containers on the node.
Containers were still be able to see only their own connections.
During rebase to RHEL7 the check has been mistakenly put under ifdef NETNS_REFCNT_DEBUG which is not used/set => as far i understand any Container was able to see connections of all Containers on the node.
Containers were still be able to see only their own connections.
During rebase to RHEL7 the check has been mistakenly put under ifdef NETNS_REFCNT_DEBUG which is not used/set => as far i understand any Container was able to see connections of all Containers on the node.
Attachments
Issue Links
- cloned from
-
-
- Closed
-
