terenceli

While reproducing the cve-2019-16884 I find it can't work. After digging into this it seems the runc version is wrong. When I reproduce this issue in here https://github.com/opencontainers/runc/issues/2128 I got...

gVisor unprivileged user can't access file in rootless mode

14

### Description While in rootless mode, the container UID is the same as the UID of running runsc, in the container we can't access the file belongs to the host...

Can't run runsc in kvm platform in VMware

3

### Description When I use the latest runsc binary in VMware and run it in kvm mode. It can't run. The 'dmesg' shows: [ 6761.380049] *** Guest State *** [...

runsc: boot: use a more reliable method to check /proc

8

Currently we check whether /proc is umounted by 'unix.Access'. If we run runsc as setuid binary using unprivileged user(in our use cases) we may get EPERM even the /proc is...