[lxc-users] Security risk of sharing /dev/net/tun and /dev/kvm in unprivileged containers
Janjaap Bos
janjaapbos at gmail.com
Thu Jan 26 09:16:02 UTC 2017
What are the security risks of enabling access to /dev/kvm and /dev/net/tun
to an LXD unprivileged container?
E.g. bind mount / add device to container config.
Would this significantly expose the host or other containers to increased
risk?
Could you offer access to untrusted users?
Does anyone have a pointer to more info about this?
Thanks!
-Janjaap
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20170126/9d60e96b/attachment.html>
More information about the lxc-users
mailing list