To tighten security for each containers that may be own by different clients, is there a way to disable lxc push and pull functionality?
Hi!
There is no mechanism yet in LXD for discretionary user management regarding the access to the LXD server’s Unix socket.
That is, a user either has full access or no access.
Note though that it could be possible to add some layer on top of LXD (like you get with LXD-Mosaic) to get such a feature.
Having said that, the typical way to allow and disallow per-user access, is to use some standard mechanism like SSH. In addition, you would rather not grant access to the host to users but rather directly to individual containers.