RoyceZ

icon indicating a website link https://github.com/RoyceDavison icon indicating an email [email protected]

Results 3 comments of RoyceZ

Don't use hard links in runc jailer

@kzys To clarify this issue, do you mean [this line of code](https://github.com/firecracker-microvm/firecracker-containerd/blob/435ade47c5462cbf2e7decdbf12a9570ae5b474a/runtime/runc_jailer.go#L298) use hard links?

Don't use hard links in runc jailer

@kzys I am not sure if it is a good idea to use bind mount, as the implementation shown in [PR#508](https://github.com/firecracker-microvm/firecracker-containerd/pull/508), I think documenting the restriction is the best for...

Don't use hard links in runc jailer

> How about changing the owner of these files, rather than opening the read and write permissions to others? [This line of code](https://github.com/firecracker-microvm/firecracker-containerd/blob/07661f68e69a8663c1b6b1accc569bb9b12280a3/runtime/runc_jailer.go#L435) already changed the whole directory ownership. Do...