Axton Grams, ----- Original Message ----- > I wanted to solicit general feedback on this platform's security with > relation to using a HN that serves VPSs for both trusted and > untrusted networks.
I'm not a network person so I won't even attempt to answer that. > I'm curious if there have been any CVE's or > other errata, historically, that would have implications in this > scenario. I'm not aware of any OpenVZ-specific CVEs in the ~12 years that Virtuozzo and OpenVZ have existed. I do not claim there have never been security issues... because I have no idea. > Are there implication of using venet versys veth interfaces in this > arrangement? I'd recommend you read the wiki page that discusses the differences between venet and veth... because it doesn't sound like you have read it: https://wiki.openvz.org/Differences_between_venet_and_veth > I am also concerned about the containment of the containers.. Have > there been scenarios where people have been able to break out of the > CT and gain access to or otherwise manipulate the HN? Again, not that I'm aware of... in the 12 years... but then again my familiarity with this stuff only started about 6.5 years ago. TYL, -- Scott Dowdle 704 Church Street Belgrade, MT 59714 (406)388-0827 [home] (406)994-3931 [work] _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
