On Fri, 17 May 2013 11:32:34 -0500 Serge Hallyn <serge.hal...@ubuntu.com> wrote: > I'm not quite ready to send it (and have been derailed with wanting to > finish api conversion of a few commands, and other stuff next week), > but I do have a working patch introducing 'lxc-ubuntu-cloud-user' > template, which allows an unprivileged user to create a container, > and will run everything (except the tiny program which maps uids) > without root. > > lxc-alpine looks like it will be another good candidate for this (as > is lxc-cirros). Basically anything which untars. rsync is harder > (hard enough that we may never support it) and debootstrap > impossible...
I'd rather aim for not running any binary that has not been cryptographically verified, at least for Alpine Linux. -nc ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
