Questions tagged [lxc]
6 questions
5
votes
1 answer
How secure is LXD compared to Docker?
I was thinking on using LXD instead of Docker, but I can't find anything about how secure it is compared to a regular or a CIS hardened Docker. Any information about this?
inf3rno
- 487
- 1
- 7
- 19
3
votes
0 answers
Do BSD jails protect against some vulnerability class that LXC doesn't?
You can find many claims online regarding BSD jails being "better" in some way than Linux namespaces for containment, but they typically lack technical details.
From what I understand, the attack surface is pretty much equivalent (shared kernel…
viraptor
- 215
- 1
- 7
3
votes
2 answers
What lightweight sandboxing options do I have on linux?
What can I use to avoid running a full-fledged VM that gives me comparable security?
Possibly, something like https://coreos.com/rkt/ but I don't know what their security properties are.
Elias
- 1,915
- 1
- 9
- 17
2
votes
1 answer
What disadvantages running untrusted applications in anbox has over running them in a virtual machine?
I consider running Android applications in Anbox instead of running them in a virtual machine (Android-x86 in GNOME Boxes using QEMU with KVM). Does it increase the chances that malicious code in an Android app will get unauthorized access to the…
Roman Riabenko
- 147
- 7
2
votes
1 answer
LXC vs. LXD: Which is “more secure”?
My friend told me today that I should never use LXC without changing its default configuration. Instead, I should prefer to use LXD, as it is "more secure" by default.
Is that true? What are the differences between LXC and LXD with regard to…
Florian Schneider
- 1,073
- 2
- 9
- 11
0
votes
0 answers
Security implications of providing lxc-utils to regular users
We have some systems where users are using Docker in userspace to run development environments. These containers sometimes leave files and directories behind that cannot be deleted directly by the users because they were created by other userids…
Gerald Schneider
- 101
- 2