Quoting Michael Casadevall (<email address hidden>): > Thanks Serge. That behavior should be documented somewhere, since I was
Yup, lxc-checkconfig needs to be updated.
> greatly concerned there was a security issue in LXC.
Note that until lxc can exploit user namespaces, there are plenty of security issues unless you lock it down with an LSM.
thanks, -serge
Quoting Michael Casadevall (<email address hidden>):
> Thanks Serge. That behavior should be documented somewhere, since I was
Yup, lxc-checkconfig needs to be updated.
> greatly concerned there was a security issue in LXC.
Note that until lxc can exploit user namespaces, there are plenty of security
issues unless you lock it down with an LSM.
thanks,
-serge