How secure is security.nesting=true?

How secure is a container running with security.nesting=true? Unprivileged, but with a root user inside the container.

With security.nesting=true for CONTAINER1, you have something like

HOST-LXD[ CONTAINER1-LXD[ MYCONTAINER1, MYCONTAINER2 ] ]

Any potential risk would affect the parts that are in bold, not the host.

Thanks for the fast response. MYCONTAINER1 etc. being nested LXD or Docker containers?

I think it’s either kind of container (LXD, Docker, etc.) as a nested container.