[lxc-users] is starting unprivileged containers as root as secure as running them as any other user?

Carlos Alberto Lopez Perez clopez at igalia.com
Mon Jan 11 17:24:59 UTC 2016


On 08/01/16 19:58, Serge Hallyn wrote:
> Quoting Carlos Alberto Lopez Perez (clopez at igalia.com):
>> Hi,
>>
>>
>> Suppose that we create an unprivileged container as root (using the
>> download template or manually converting it with uidmapshift).
>>
>> Such container config will contain (for example) the following maps:
>>
>> lxc.id_map = u 0 100000 65536
>> lxc.id_map = g 0 100000 65536
>>
>> And root would be also allowed to use them:
>>
>> $ usermod --add-subuids 100000-165536 root
>> $ usermod --add-subgids 100000-165536 root
>>
>>
>> My question is....
>>
>> From a security point of view, does creating and starting an
>> unprivileged container as root make any difference than doing it as any
>> other user of the host?
> 
> Yes.
> 
> For example, if you'll then be running lxc-attach as root instead of as
> an unpriv user, then any attacks from inside the container against lxc-attach
> will attack the root user.
> 

Is this the only difference from a security point of view?
Suppose that I don't use lxc-attach, but lxc-console or login via ssh.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 883 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160111/a6db198b/attachment.sig>


More information about the lxc-users mailing list