[systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?

Daniel J Walsh dwalsh at redhat.com
Mon Apr 25 05:43:04 PDT 2011


On 04/22/2011 07:42 PM, Josh Triplett wrote:
> The systemd-nspawn manpage lists the various mechanisms used to isolate
> the container, and then says "Note that even though these security
> precautions are taken systemd-nspawn is not suitable for secure
> container setups. Many of the security features may be circumvented and
> are hence primarily useful to avoid accidental changes to the host
> system from the container."
> 
> How can a process in a systemd-nspawn container circumvent the container
> setup?  What additional steps would systemd-nspawn need to take to
> provide a secure container setup?
> 
> - Josh Triplett

SELinux would be a good start.