[Lxc-users] How much LXC is secure?
Adam Ryczkowski
adam.ryczkowski at statystyka.net
Mon Nov 11 12:19:25 UTC 2013
Last year I've read many times, that LXC have some outstanding security
issues, and are the encapsulation is not tight enough to prevent
hijacking the host, when the guest is compromised. But I never managed
to find out, how exactly does one escape the LXC container.
I'm using the LXC containers as a holders for virtual computers (just as
advertized in https://help.ubuntu.com/12.04/serverguide/lxc.html) in
hope, that this will make another line of defense against hackers anyway.
Recently the host got hacked (Ubuntu 12.04 precise with kernel 3.8.2) ,
and I have renewed suspicions about the impenetrability of LXC.
I wonder what is the state of affairs now. How does one implement
virtual computers inside LXC containers, so root on a guest cannot get
root rights on host?
Adam Ryczkowski
+48505919892 <callto:+48505919892>
Skype:sisteczko <skype:sisteczko>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20131111/c5f1241a/attachment.html>
More information about the lxc-users
mailing list