Comment 1 for bug 1470842

Tyler Hicks (tyhicks) wrote :

Hi Roman - Thank you for the report!

Unfortunately, I'm having trouble reproducing the issue. You say that guest "somename" has to exist, but if a privileged LXC container has been created, /run/lock/lxc always exists. That directory and its subdirectories are only modifiable by root and they're created during the boot process.

I'll now try creating the malicious /run/lock/lxc/var/lib/lxc/somename before creating the "somename" container since /run/lock/lxc will not yet exist.