From: Daniel Lezcano <dlezcano@fr.ibm.com>
When an user tries to look at the pids or network information belonging
to a container not owned by the user. The command silently fails, I changed
that to check the read permission, display an error and exit.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
exit 1
fi
+if [ ! -r $lxcpath/$name ]; then
+ echo "Can not access '$name': permission denied"
+ exit 1
+fi
+
if [ ! -f $lxcpath/$name/init ]; then
exit 0
fi
-initpid=$(cat $lxcpath/$name/init)
-
-mount --bind /proc/$initpid/net /proc/$$/net && exec netstat $*
\ No newline at end of file
+initpid=$(cat $lxcpath/$name/init) && \
+ mount --bind /proc/$initpid/net /proc/$$/net && \
+ exec netstat $*
exit 1
fi
+if [ ! -r $lxcpath/$name ]; then
+ echo "Can not access '$name', permission denied"
+ exit 1
+fi
+
if [ -h $lxcpath/$name/nsgroup ]; then
ps $* -p $(cat $lxcpath/$name/nsgroup/tasks)
fi