OpenVZ out of band management

Quags

Administrator
Staff member
Add ability to access openvz container even if networking is down similar to our KVM vnc access.
 

Quags

Administrator
Staff member
While a possible way to do this was found and tested, I am not happy with the method that must be used in order to enable this feature. This requires entering in from the hostnode, then entering into the container using vzctl. VNCterm from proxmox is able to do this, but until more security scrutiny is done this will not be available.
 

Quags

Administrator
Staff member
This method could have been vulnerable through the shellshock / bash vulnerability using ssh and force command. So I am quite comfortable in my decision not to roll out this feature.
 
Would there be a way to role out this feature while at the same time keeping it safe from major viruses and vulnerabilities like this?
 
Top