SELinux for LXC Container
On Tue, Jan 31, 2012 at 05:40:44PM +0530, Shweta Shinde wrote:
> Hi everyone,
> I am interested in the security aspects of LXC.
> How can we use SELinux to secure LXC containers?
> Any information will be very helpful.
I recently posted patches to libvirt, which extend the sVirt support
from KVM, to also cover our LXC driver. This will ensure strict
confinement of LXC containers using SELinux
Fedora 17 policy is being enhanced to support this at the same time.
NB, this only applies to the libvirt LXC userspace driver, which is
completely separate from the LXC sf.net userspace.
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
selinux mailing list