You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Right now, the EGI container, which is the standard interface that works on multiple service providers, runs using the privileged flag on docker. This effectively means that the container has all the capabilities of the host machine, suggesting that a permissions leak is possible.
Describe the solution you'd like
To fix this, we should use a device flag, which does not enable access to the same information that a privileged flag might. At the same time, further testing will be necessary to avoid SkyScan performance impacts.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Right now, the EGI container, which is the standard interface that works on multiple service providers, runs using the privileged flag on docker. This effectively means that the container has all the capabilities of the host machine, suggesting that a permissions leak is possible.
Describe the solution you'd like
To fix this, we should use a device flag, which does not enable access to the same information that a privileged flag might. At the same time, further testing will be necessary to avoid SkyScan performance impacts.
The text was updated successfully, but these errors were encountered: