On Tue, Mar 06, 2012 at 03:58:49PM +0000, Ben Hutchings wrote: > Do jails still provide features that LXC does not? Like, say, any security separation at all? LXC is a glorified chroot with some scheduler niceties and a way to set default IP for a group of processes. If you want any security benefits, you need vserver, openvz or BSD jails. Speaking of which, did any of you guys start some work to get vserver or openvz packaged the Debian way, as discussed in the recent flamewar? Having to use the upstream kernel patch directly is a massive duplication of work. -- // If you believe in so-called "intellectual property", please immediately // cease using counterfeit alphabets. Instead, contact the nearest temple // of Amon, whose priests will provide you with scribal services for all // your writing needs, for Reasonable and Non-Discriminatory prices.
Description: Digital signature