[Lxc-users] Lxc and security
Jean-François Leroux
leroux.jeanfrancois at gmail.com
Tue Mar 26 23:56:59 UTC 2013
Hi all,
I'm rather new to LXC (although I've been using it for two years now)
and have some questions about security. I know many of these have been
discussed in various websites, but I'd like to get advice from real
users - and many articles I've read may be outdated.
1) I've read that lxc wasn't secure because anyone with root access on
the container might have access to the host. Is it true with ssh access
(I mean no console)?
2) Which capabilities would you drop for web servers were users have
www-data access?
3) What are/would be the danger of running lxc in production servers?
Many thanks for your input. :-)
JFL
PS: I'm planning on running lxc (squeeze) containers inside debian hosts.
More information about the lxc-users
mailing list