Can an unprivileged container crash a host?

Can an unprivileged container cause a kernel panic or crash the host easily (or at all)? I’m curious to see if anyone has had any issues like this or knows of it happening.

The project I’m working on uses unprivileged containers (with security.idmap.isolated=true) with untrusted users & code.

I’m hoping to see I’m on the right path or if there are any suggestions to harden the above setup even more to prevent host crashes (if that is even possible).

Thanks for your time!

I'm not a security researcher and you shouldn't run this on any system that matters to you, but what happens if you run a “fork bomb”?

You can read about it here

I’ll test that out, the containers will have limits set for cpu/mem/disk/etc so my hope is that it would just hit those limits and not be able to consume anymore.

The most efficient way to avoid a forkbomb is by setting limits.processes to a reasonable value. I often go with 5000 as a high enough number for 99% of workloads, yet enough to prevent a forkbomb from taking the system with it.

Unprivileged containers can’t normally harm the host. Without suitable limits, they may be able to cause a DoS, but with all limits set properly, this isn’t a problem. Kernel bugs do still happen and if hit (voluntarily or not), may cause a system crash, but that’s the same kind of bugs that an unprivileged user on your host could have triggered.
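As an added illustration (not from the original thread or from the LXD project), here is what the advice above looks like as a single LXD profile that can be applied to every container that runs untrusted code. The profile name `untrusted`, the storage pool name `default`, and the memory, CPU and disk values are assumptions chosen for this example; the process limit is the 5000 suggested above.

```yaml
# LXD profile: apply with
#   lxc profile create untrusted
#   lxc profile edit untrusted < untrusted-profile.yaml
#   lxc launch ubuntu:22.04 c1 --profile default --profile untrusted
# Profile name, pool name and the numeric values (except limits.processes)
# are assumptions for this example.
name: untrusted
description: Hardened profile for containers running untrusted users and code
config:
  # Never run these workloads in a privileged container.
  security.privileged: "false"
  # Give each container its own uid/gid range so a container escape into
  # another container's files is not possible (the setting from the question).
  security.idmap.isolated: "true"
  # Cap the number of processes/threads; this is what stops a fork bomb
  # from exhausting the host's PID table.
  limits.processes: "5000"
  # Memory cap so a container cannot drive the host into swap/OOM.
  limits.memory: 1GB
  # Pin the container to two CPUs and cap its share of them so a
  # CPU-bound loop cannot starve the host.
  limits.cpu: "2"
  limits.cpu.allowance: 80%
devices:
  root:
    type: disk
    path: /
    pool: default
    # Per-container root filesystem quota (requires a pool that supports quotas).
    size: 10GB
```

Check the result with `lxc config show c1 --expanded` and confirm that `limits.processes` and the other keys appear in the expanded config; a limit that is missing there is not enforced. The process limit is enforced through the pids cgroup, so a fork bomb inside the container fails with "fork: retry: Resource temporarily unavailable" at the cap while the host keeps running.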

Thank you @stgraber for the reply! That answers my question.

Also I really appreciate all the work and time you have and are putting into LXC/LXD. Looking forward to using it in my project.

Cheers!