On Fri, May 04, 2018 at 10:28:20PM +0800, zhangq95 wrote: > When I run "cat /proc/stat" in a container, container will access > host's file directly which is a security risk. Why is this a "security risk"? What can be learned there that is somehow "bad"? thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html