Re: Linux 3.2 in wheezy
On Wed, Feb 01, 2012 at 07:37:38PM +0000, Moritz Naumann wrote:
> So there are obvious issues with LXC as a container solution for Linux, such as
> lacking actual containment (for the root user)
No, it is not obvious. If you give a process a certain permission, it
can use it. If you remove this permission, it can't longer use it. So
don't allow root in the container access to this permissions.
Vulcans never bluff.
-- Spock, "The Doomsday Machine", stardate 4202.1