If a container does something bad on a runtime console connection - eg. too huge request - the connections is closed permanently. The containers has no ability to reconnect and a exit with a (external) restart is the only option to get out of this.

Think about reopening the console connection upon connections errors. This is tricky because it's not possible to guarantee that the same fd number can be used. Furthermore the connections is currently opened in the runtime and far from the init processes.

Note: If a container is started with it's own namespace (the namespace is created by the runtime) it's possible to listen on a socket in there instead of passing a open fd. This would allow reconnects upon e.g usage errors etc...