[lxc-users] More secure container

T.C 吳天健 tcwu2005 at gmail.com
Tue May 9 15:22:02 UTC 2017


Hi ,

Its said privileged container is unsecured . For example, if a user in the
container (suppose it's running a service toward the public) hack the
system with some kind of root kit.

I am thinking of building a more secure container.  The first idea is to
use unprivileged container;  Second is apply cgroup to limit viewing of
some sensitive /dev files, and any recommendation?

Summary
-use unprivileged container
-cgroup to limit viewing of some /dev files
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20170509/690228c9/attachment.html>


More information about the lxc-users mailing list