[lxc-users] secure unprivileged containers

[Serge Hallyn]

Quoting J Bc (javibc at esdebian.org):
> Hello, is it secure mount various unprivileged containers with the
> same user? or the correct way is one user, one unprivileged container?
> Thank you.

You should use distinct subuid ranges for all containers that you wish
to keep segragated.  A single user can be delegated (multiple) large
subuid ranges, so a single uid (1000) could be uesd to launch many
containers.