Re: [lxc-users] Risk/benefit of enabling user namespaces in the kernel for running unprivileged containers

2017-01-13 Thread Fajar A. Nugraha
On Sat, Jan 14, 2017 at 4:56 AM, Fajar A. Nugraha wrote:
> On Sat, Jan 14, 2017 at 3:52 AM, John wrote:
>
>>
>> Again, thank you for the detailed reply. Are the nature of these sorts
>> of interactions such that users require physical access or ssh

Re: [lxc-users] Risk/benefit of enabling user namespaces in the kernel for running unprivileged containers

2017-01-13 Thread Fajar A. Nugraha
On Sat, Jan 14, 2017 at 3:52 AM, John wrote:
>
> Again, thank you for the detailed reply. Are the nature of these sorts of
> interactions such that users require physical access or ssh access to the
> host machine in order to exploit, or can they originate from within

Re: [lxc-users] would there be value in starting an LXD community online collection of how-to related information

2017-01-13 Thread Stéphane Graber
On Fri, Jan 13, 2017 at 09:29:59PM +0200, Moe wrote:
> Here is my opinion on it:
>
> 1) We do need documentation, especially tutorials. Lots and lots of
> tutorials and how-tos. LXD and Docker compete in different niches, but
> LXD can easily do what Docker does (and sometimes better in certain

Re: [lxc-users] Risk/benefit of enabling user namespaces in the kernel for running unprivileged containers

2017-01-13 Thread John
- Original Message -
> From: Serge E. Hallyn
> To: LXC users mailing-list
> Sent: Friday, January 13, 2017 11:20 AM
> Subject: Re: [lxc-users] Risk/benefit of enabling user namespaces in the
> kernel for running unprivileged

Re: [lxc-users] would there be value in starting an LXD community online collection of how-to related information

2017-01-13 Thread Moe
Here is my opinion on it:

1) We do need documentation, especially tutorials. Lots and lots of tutorials and how-tos. LXD and Docker compete in different niches, but LXD can easily do what Docker does (and sometimes better in certain situations) and part of the reason that Docker is used so much

Re: [lxc-users] Risk/benefit of enabling user namespaces in the kernel for running unprivileged containers

2017-01-13 Thread Serge E. Hallyn
Quoting John (da_audioph...@yahoo.com):
> From S. Graber's blog[1] and other sources, consensus is that unprivileged
> containers offer the best security from the container's perspective. There
> is quite a discussion in an Arch Linux feature request[2] around the risks of
> enabling user