can core_pattern be modified from privileged CT?

harvie · Mar 7, 2022

i've just found this: https://pwning.systems/posts/escaping-containers-for-fun/

They simply set /proc/sys/kernel/core_pattern to execute user provided binary in host context by triggering coredump inside of privileged docker container.
Can this be done with privileged CTs on proxmox? Or is core_patter somehow protected by apparmor or something?

fabian · Mar 7, 2022

/proc/sys is mounted ro in privileged containers as well (protected by apparmor). that being said, unprivileged containers do offer more isolation and an additional barrier compared to privileged ones, see "Unprivileged Containers" and "Privileged Containers" in https://pve.proxmox.com/pve-docs/chapter-pct.html#pct_general

Search

Search

can core_pattern be modified from privileged CT?

harvie

Well-Known Member

fabian

Proxmox Staff Member