openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #16005
Re: openstack libvirt lxc
On Tue, Aug 21, 2012 at 10:19:34AM +0800, 廖南海 wrote:
> Who use the lxc virtual machine?
> Please give me some advices?
My advice would be not to use LXC since, as it exists today, it is not
secure. ie root within the container can break out & compromise the
entire host. This is not really the fault of OpenStack, but rather the
fact that the Linux kernel container support is still under development
and does not provide all the pieces required to form a secure solution.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Follow ups
References