[systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?

microcai microcai at fedoraproject.org
Mon Apr 25 05:51:17 PDT 2011

Previous message: [systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?
Next message: [systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

于 2011年04月25日 20:43, Daniel J Walsh 写道:
> SELinux  would be a good start.

No, root inside can still change SE-Linux policy.

Previous message: [systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?
Next message: [systemd-devel] What makes systemd-nspawn "not suitable for secure container setups"?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the systemd-devel mailing list