User can use lxc hooks for privilege escalation on lxd host #2003
Comments
I thought we had it blocked but apparently had to unblock it for some reason (nova-lxd maybe) and even have a test to make sure it does run... We may end up blocking it again at some point down the line as we generally don't guarantee anything about raw.lxc. That being said, I don't think it's a security issue as we consider anyone having access to the LXD API to have full root access anyway. Basically the following is always possible and will give you similar access: At which point you have the whole host mounted in /mnt/root and you have root access against all of it.
LXD does not filter out or prevent users from setting an lxc pre-start hook in user containers, which could be used to execute code as root on the host, outside the containers. Other hooks either run as subuid or in the contained environment so I see no direct issue with them, but pre-start runs as a privileged user and could be used for privilege escalation.
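One way to audit for the condition this issue describes, added here as an example and not code from LXD or from anyone in the thread: it scans each container's `raw.lxc` value for `lxc.hook.pre-start` entries. The input mapping, container names and paths are constructed, and the function names are hypothetical.

```python
from typing import Dict, FrozenSet, List, Tuple

# Hook keys treated as running on the host as a privileged user. The issue
# singles out pre-start; the set is a parameter so an auditor can widen it.
HOST_SIDE_HOOKS: FrozenSet[str] = frozenset({"lxc.hook.pre-start"})


def parse_raw_lxc(raw: str) -> List[Tuple[str, str]]:
    """Split a raw.lxc value into (key, value) pairs, skipping comments."""
    entries = []
    for line in raw.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue  # not a key = value line
        entries.append((key.strip(), value.strip()))
    return entries


def audit_containers(
    configs: Dict[str, Dict[str, str]],
    hooks: FrozenSet[str] = HOST_SIDE_HOOKS,
) -> Dict[str, List[str]]:
    """Return {container: [hook commands]} for containers setting a host-side hook."""
    findings = {}
    for name, config in configs.items():
        pairs = parse_raw_lxc(config.get("raw.lxc", ""))
        hits = [value for key, value in pairs if key in hooks]
        if hits:
            findings[name] = hits
    return findings


# Constructed sample: container name -> LXD config keys (assumed input shape).
SAMPLE = {
    "web01": {"raw.lxc": "lxc.hook.start = /usr/local/bin/in-container.sh\n"},
    "build7": {"raw.lxc": "# set by a user\nlxc.hook.pre-start=/home/dev/setup.sh"},
    "db02": {"limits.memory": "2GB"},
}

if __name__ == "__main__":
    for name, commands in audit_containers(SAMPLE).items():
        print(f"{name}: host-side hook(s) in raw.lxc -> {commands}")
```

Profiles can also carry `raw.lxc`, so a real audit should feed in each container's effective configuration rather than only its local keys.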