[lxc-users] is starting unprivileged containers as root as secure as running them as any other user?
Serge Hallyn
serge.hallyn at ubuntu.com
Tue Jan 12 16:35:18 UTC 2016
Quoting david.andel at bli.uzh.ch (david.andel at bli.uzh.ch):
> So if I understood correctly, this means that lxd could potentially suffer from a weakness in 'lxc monitor' meaning that it is more secure to run unprivileged containers using the low level lxc-... functions?
I mentioned the lxc-monitor case for completeness, but as there should be no
sockets etc from the monitor avaiable to the container, it'll be a very
interesting case if/when such a vuln is found.
More information about the lxc-users
mailing list