[lxc-users] secure unprivileged containers

Serge Hallyn serge.hallyn at ubuntu.com
Sun Sep 21 03:48:40 UTC 2014


Quoting J Bc (javibc at esdebian.org):
> Hello, is it secure mount various unprivileged containers with the
> same user? or the correct way is one user, one unprivileged container?
> Thank you.

You should use distinct subuid ranges for all containers that you wish
to keep segragated.  A single user can be delegated (multiple) large
subuid ranges, so a single uid (1000) could be uesd to launch many
containers.


More information about the lxc-users mailing list