[Lxc-users] Lxc and security

Jean-François Leroux leroux.jeanfrancois at gmail.com
Tue Mar 26 23:56:59 UTC 2013


Hi all,
I'm rather new to LXC (although I've been using it for two years now)  
and have some questions about security. I know many of these have been 
discussed in various websites, but I'd like to get advice from real 
users - and many articles I've read may be outdated.

1) I've read that lxc wasn't secure because anyone with root access on 
the container might have access to the host. Is it true with ssh access 
(I mean no console)?
2) Which capabilities would you drop for web servers were users have 
www-data access?
3) What are/would be the danger of running lxc in production servers?

Many thanks for your input. :-)

JFL

PS: I'm planning on running lxc (squeeze) containers inside debian hosts.





More information about the lxc-users mailing list