Quoting Daniel Berrange ([email protected]):
> > Serge: is there anything we can do on the Nova side of things ? Looks
> like this has security implications ?
> 
> Providing sVirt support in libvirt, mitigates against the lack of
> security for containers in the kernel, but this is at best a band-aid.
> Ultimately, we need the usernamespace work completed to allow LXC to be

For the record, most of it actually has landed upstream (last week).

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1088295

Title:
  lxc container can control  other container's cpu share,memory limit,or
  access of  block and character devices

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1088295/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to