LXC Unprivileged Containers

[BelCloud]

As with the 4.4 version released, should we migrate all the containers to unprivileged?

 

[morph027]

Depends on your understanding of security

I would. At least try to and see, if everything is running fine.

 

[sahostking]

Note if you run cPanel on any of them ensure they use privileged as per: https://documentation.cpanel.net/di...Containers-Privilegedvsunprivilegedcontainers

 

[morph027]

Nice to know, thanks.

 

[Jero]

i guess there is no easy migration path ?

 

[morph027]

Backup and restore: http://pve.proxmox.com/wiki/Unprivileged_LXC_containers

 

[Jero]

totally missed that! nice one

 

[janos]

Hi,

Sometimes we can not use unprivileged containers (eq. when quota required), in this case how much secure privileged containers? Apparmor can be protect node, or its depending on things (eq. unknown vulns, etc)