I am thinking more about a container accessing another container, instead of a container accessing the host. So it is like drilling a hole in the wall to next door, instead of drilling through the floor to access the lobby. Or are they actually equivalent?
John

> On Feb 15, 2016, at 01:01, Fajar A. Nugraha <[email protected]> wrote:
>
> On Mon, Feb 15, 2016 at 11:56 AM, John Siu <[email protected]> wrote:
> > Is there any advantage to use separate subuid and subgid for each container?
> >
> > For example, when multiple unprivileged containers with the same subuid
> > 100000, ps will show something like the following:
> >
> > One cannot tell which process is owned by which container.
>
> ps -ea -O cgroup:50
>
> > Additionally, using the same subuid, is there any concern about one container
> > gaining access to the other containers? Or is this not a problem at all?
>
> In theory, yes, AFAIK that is a possibility. If somehow a process manages to
> break out of the container, it might be able to do stuff in the host as an
> unprivileged user.
>
> I haven't seen any attacks like that on recent systems though. In particular,
> with apparmor and lxcfs enabled, you should get an additional layer of
> security. So personally I find it's still acceptable for multiple unpriv
> containers to share the same subuid.
>
> --
> Fajar
> _______________________________________________
> lxc-users mailing list
> [email protected]
> http://lists.linuxcontainers.org/listinfo/lxc-users
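Two small helpers for the points raised in the thread, added here as an example and not code from either poster: attributing a process to its container from the cgroup path (the per-process view behind `ps -O cgroup`), and generating a distinct uid/gid slice per container so that several unprivileged containers no longer share the 100000 range. It assumes the `/lxc/<name>` cgroup layout of LXC 1.x/2.x and the `lxc.id_map` config key (renamed `lxc.idmap` in LXC 3); the sample cgroup line is constructed.

```shell
#!/bin/sh
# Added example (not from the lxc-users thread). Assumes LXC 1.x/2.x naming:
# cgroup paths contain "/lxc/<container>" and the config key is lxc.id_map.

# Map one /proc/<pid>/cgroup line to the container that owns the process.
# "4:memory:/user/1000.user/lxc/web1" -> "web1"; a line with no /lxc/ -> "host"
container_of_cgroup_line() {
    case "$1" in
        */lxc/*) n="${1##*/lxc/}"; printf '%s\n' "${n%%/*}" ;;
        *)       printf 'host\n' ;;
    esac
}

# Same lookup for a live PID: the first cgroup line naming an /lxc/ path wins.
# With a shared subuid, uid alone cannot tell containers apart; this can.
container_of_pid() {
    l=$(grep -m1 '/lxc/' "/proc/$1/cgroup" 2>/dev/null || true)
    container_of_cgroup_line "$l"
}

# Emit lxc.id_map lines for container number N (0-based): each container gets
# its own SIZE ids starting at BASE + N*SIZE, so uids never overlap on the host.
# The same ranges must also be granted to the launching user in /etc/subuid
# and /etc/subgid, otherwise lxc-start will refuse the mapping.
idmap_for_container() {
    n=$1; base=${2:-100000}; size=${3:-65536}
    start=$((base + n * size))
    printf 'lxc.id_map = u 0 %d %d\n' "$start" "$size"
    printf 'lxc.id_map = g 0 %d %d\n' "$start" "$size"
}

# Constructed sample input, mirroring the shape of a real /proc/<pid>/cgroup line.
SAMPLE_CGROUP_LINE='4:memory:/user/1000.user/1.session/lxc/web1/sub'

if [ "${1:-}" = "--demo" ]; then
    container_of_cgroup_line "$SAMPLE_CGROUP_LINE"   # web1
    idmap_for_container 0                            # 100000..165535
    idmap_for_container 1                            # 165536..231071
fi
```

Run with `--demo` to print the sample attribution and the first two non-overlapping mappings.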
