Quoting mleuker (mich...@leuker.me):
> I'm referencing John Siu's
> https://lists.linuxcontainers.org/pipermail/lxc-users/2016-February/010960.html
> which was never answered conclusively. My setup currently separates each
> unprivileged container with a different subuid / subgid range, e.g.
>
> lxc1 1000000 65536
> lxc2 1100000 65536
> lxc3 1200000 65536
> ...
>
> The question is whether there is any gain in security doing this or if
> running all containers with the same sub(g)uid offers enough protection with
> apparmor and lxcfs enabled.
There is still a security gain.

> What for example happens if one of the containers is taken over? We know that
> the host is protected well enough since gaining root in the container doesn't
> help the attacker do much on the host. But could he or she use the breach as
> an attack vector against other containers *specifically* because they are
> running with the same sub(g)uid set?

Yes.

-serge

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
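A small audit check for the configuration discussed in this thread, added here as an example; it is not part of the thread or of the LXC project. It reads one id mapping per container, either in the whitespace form quoted above ("lxc1 1000000 65536") or in the colon-separated form used by /etc/subuid ("lxc1:1000000:65536"), and reports every pair of containers whose host uid/gid ranges intersect, which is exactly the shared-range situation the reply says still matters. The input format and the container names are assumptions for the demo; the data at the bottom is constructed, not a real host's configuration.

```shell
#!/bin/sh
# Added example, not from the lxc-users thread or the LXC project: report
# containers whose unprivileged uid/gid maps share host ids.
#
# Input: one mapping per line, "name start count", with fields separated by
# whitespace or by ':' (so /etc/subuid can be fed in directly).  Two closed
# ranges [start, start+count-1] intersect iff neither ends before the other
# starts.  Prints one OVERLAP line per colliding pair; exit status is 1 if at
# least one overlap was found, 0 otherwise.

check_idmap_overlap() {
    awk -F '[: \t]+' '
        NF >= 3 {
            n++
            name[n] = $1
            lo[n]   = $2 + 0
            hi[n]   = $2 + $3 - 1
        }
        END {
            found = 0
            # pairwise comparison; n is the number of mappings, so this is
            # O(n^2) but n is the number of containers on a host, not ids
            for (i = 1; i <= n; i++)
                for (j = i + 1; j <= n; j++)
                    if (lo[i] <= hi[j] && lo[j] <= hi[i]) {
                        printf "OVERLAP %s [%d-%d] shares host ids with %s [%d-%d]\n",
                               name[i], lo[i], hi[i], name[j], lo[j], hi[j]
                        found = 1
                    }
            exit found
        }' "$1"
}

# Demo on constructed data (not a real host configuration).
demo_file=$(mktemp)

printf 'lxc1 1000000 65536\nlxc2 1100000 65536\nlxc3 1200000 65536\n' > "$demo_file"
echo "disjoint ranges, as in the post:"
check_idmap_overlap "$demo_file" && echo "  no overlap"

# lxc1 and lxc2 share a range; lxc3 starts right after lxc1 ends and is fine
printf 'lxc1:1000000:65536\nlxc2:1000000:65536\nlxc3:1065536:65536\n' > "$demo_file"
echo "shared range:"
check_idmap_overlap "$demo_file" || echo "  overlap found, exit status $?"

rm -f "$demo_file"
```

To audit a host rather than the demo data, run `check_idmap_overlap /etc/subuid` (and the same for /etc/subgid); a non-zero exit status means at least two containers' processes map to the same host ids, so the check can sit in a cron job or a pre-start hook.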