On Wed, Feb 01, 2012 at 07:37:38PM +0000, Moritz Naumann wrote:
> So there are obvious issues with LXC as a container solution for Linux, such
> as
> lacking actual containment (for the root user)
No, it is not obvious. If you give a process a certain permission, it
can use it. If you remove this permission, it can't longer use it. So
don't allow root in the container access to this permissions.
Bastian
--
Vulcans never bluff.
-- Spock, "The Doomsday Machine", stardate 4202.1
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120203113239.gb16...@wavehammer.waldi.eu.org
