[lxc-users] Running unprotected system container
Andrey Repin
anrdaemon at yandex.ru
Mon Jun 15 14:49:25 UTC 2020
Greetings, Koehler!
> As indicated, the code that will run inside that container is our previous
> OS and if it does bad things, well, that means it was doing so previously so
> not a "bigger" issue than it was before. Since if that works, we will move
> more towards snap we will then have a better security system (AppArmor,
> SecComp, better app separation, etc) in place to remove trust for each app
> and get rid eventually of that container which purpose as indicated is to
> ease the transition and get some of the features we want from Ubuntu Core
> in an early release, if we do get this to work.
If your intent is to run specifically **operating system**, then there's no way
around a virtual machine.
Containers is NOT the right choice for your task.
--
With best regards,
Andrey Repin
Monday, June 15, 2020 17:47:30
Sorry for my terrible english...
More information about the lxc-users
mailing list