Hi

On 05/26/2011 11:37 AM, Jäkel, Guido wrote:
> Ulli>My lxc meta-script creates /lxc/hostname inside the container at startup:
> 
> As a workaround my meta-scripts does something similar be able to re-start 
> the appropriate containers in
> case of a panic, powerfail or similar on the supporting host.  But IMHO it's 
> in the concern of basic
> lxc and not to your, mine and other peoples metascripts to provide such 
> things.

Restarting LXC containers after a panic, power-fail or everything else is not 
the concern of basic LXC, it related to
your host init script or your HA stuff (guest could have been restarted 
somewhere else) or things like Ganeti, Openstack...

> Papp>I hope a container cannot identify its host.
> 
> You mean that's a concern of security? Why it shouldn't; "security through 
> obscurity" is never a solution at
> all, you'll know!
For me it's a concern of security, LXC provide isolation through namespaces 
bewteen host and guests, this kind of stuff
would break this isolation.
For a guest not knowing on which host it is running is not about of obscurity 
but information security.
(obscurity is, IMHO, not about giving information but hiding technical details 
and how things works, but yes security
through obscurity is not a solution)

Regards

Aurélien

------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery, 
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now. 
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users

Reply via email to