[lxc-users] Overcommit and kernel isolation
Bertrand Paquet
bertrand.paquet at gmail.com
Fri Oct 10 10:09:27 UTC 2014
Ok.
Should be added here ?
https://github.com/lxc/lxc/blob/master/config/apparmor/abstractions/container-base
Bertrand
On Thu, Oct 9, 2014 at 6:56 PM, Serge Hallyn <serge.hallyn at ubuntu.com>
wrote:
> Quoting Bertrand Paquet (bertrand.paquet at gmail.com):
> > Ok. Thx you for information.
> >
> > It's very very dangerous :(
>
> You at a very minimum should be using apparmor, selinux, or user
> namespaces.
> Preferably user namespaces and one of apparmor or selinux.
>
> -serge
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141010/453b3011/attachment.html>
More information about the lxc-users
mailing list