[systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?
Tollef Fog Heen
tfheen at err.no
Sun Apr 24 22:54:44 PDT 2011
]] Lennart Poettering
[...]
| (Consider the container blocking all ports > 6000 thus making it
| impossible to run X on the host). But this one is actually not a big
| issue in the end I guess, so let's ignore it here.
X doesn't listen on tcp by default those days, so this shouldn't be a
problem in this specific case.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
More information about the systemd-devel
mailing list