Hi How the subject says, I would like to understand all the security aspects of root vs. user based unprivileged containers.
As far as I understand containers with the same namespace mapping can interact with each other because the UID on the host is identical. Also, if I understand it correctly, even a downloaded root based unprivileged container cannot mess with the host system since once it is started it's running entirely in it's own namespace. So the only real difference I see is that the lxc-... commands are run either with root or with restricted privileges. Is there any other security relevant difference? Thanks for elucidation, David
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
