[lxc-users] does running NTP in an LXC improve security?

Serge E. Hallyn serge at hallyn.com
Tue Apr 25 15:02:29 UTC 2017


Quoting Sean McNamara (smcnam at gmail.com):
> First of all, an "unprivileged" container is still pretty insecure if
> you don't have a proper Linux Security Module (LSM) enforcing

Kernel 0-days in very specific syscalls aside, an unprivileged
container is as secure as a program running as an unprivileged user.
The LSMs are used mainly for defense in depth.

> Mandatory Access Control to restrict what the container can do.
> 
> LXD takes a decent stab at integrating the AppArmor LSM and applies it
> pretty well to secure and isolate unprivileged LXD guests out of the
> box, especially on Ubuntu 16.04+ using recent LXD versions. Not so
> much LXC; please search the list archives for this question being

I suppose it depends on the distro, but LXC on Ubuntu by default
very much does integrate AppArmor and seccomp protections.

And LXC containers can be "completely" unprivileged (no root daemon
setting the container up for you with privilege), which is not the case
with LXD. (worthwhile and necessary tradeoff for its advantages, but
a tradeoff nonetheless)

-serge
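
Added example, not part of the original message: the three layers discussed in this thread (user-namespace ID mapping for an unprivileged container, plus seccomp and AppArmor as defense in depth) can be read from /proc for any process. The function names are hypothetical and the sample inputs are constructed.

```python
"""Classify a process's confinement from /proc text (added example)."""

# Constructed samples in the formats of /proc/<pid>/uid_map,
# /proc/<pid>/status and /proc/<pid>/attr/current.
SAMPLE_UID_MAP = "         0     100000      65536\n"
SAMPLE_STATUS = "Name:\tinit\nUid:\t0\t0\t0\t0\nSeccomp:\t2\n"
SAMPLE_ATTR = "lxc-container-default (enforce)\n"

def parse_uid_map(text):
    """Return (inside_start, outside_start, count) rows from a uid_map."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            rows.append(tuple(int(p) for p in parts))
    return rows

def root_is_unprivileged(uid_map):
    """True when uid 0 inside maps to a non-zero uid in the parent namespace."""
    for inside, outside, count in uid_map:
        if inside <= 0 < inside + count:
            return outside - inside != 0
    return True  # uid 0 is not mapped at all

def seccomp_mode(status_text):
    """Decode the 'Seccomp:' field of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("Seccomp:"):
            return {0: "disabled", 1: "strict", 2: "filter"}.get(
                int(line.split()[1]), "unknown")
    return "unknown"

def apparmor_enforced(attr_current):
    """True only for a label in enforce mode; 'unconfined' and complain are not."""
    return attr_current.strip().endswith("(enforce)")

def assess(uid_map_text, status_text, attr_current):
    return {
        "unprivileged_root": root_is_unprivileged(parse_uid_map(uid_map_text)),
        "seccomp": seccomp_mode(status_text),
        "apparmor_enforced": apparmor_enforced(attr_current),
    }

if __name__ == "__main__":
    print("constructed sample:", assess(SAMPLE_UID_MAP, SAMPLE_STATUS, SAMPLE_ATTR))
```

To check a live container, pass the contents of `/proc/<pid>/uid_map`, `/proc/<pid>/status` and `/proc/<pid>/attr/current` for the container's init process to `assess()`.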

