[Lxc-users] Root-less containers?
Gary Ballantyne
gary.ballantyne at haulashore.com
Sat Feb 5 23:31:01 UTC 2011
On 2/6/2011 10:44 AM, Daniel Lezcano wrote:
> On 02/04/2011 07:24 PM, Andre Nathan wrote:
>> Hello
>>
>> Is it possible to have everything inside a container (including init,
>> getty and whatever daemons are installed) being run as a normal user?
>> That is, can I have a container with no root user in /etc/passwd?
>
> Not yet. The user namespace is partially implement in the kernel and the
> userspace tools do not make use of it for the moment.
Is this important if, say, a malicious user has access to a container?
Or, can a container be configured such that they could do little harm?
(Apologies if this is a stupid question, but it's very significant to
our project).
More information about the lxc-users
mailing list