Physical ethernet nic for guest

We were actually discussing just this situation on IRC #lxc-dev today.

Whilst adding a nic whilst a container is running (hot plugging) is in theory supported for all nic types except IPVLAN, there is indeed an issue with hot plugging a physical device after a container has started and then shutting down the container without removing it.

Currently what happens is that the physical nic will be correctly hot plugged into the running container and will work fine, but the underlying LXC library has no idea that this device exists in the container (only LXD does).

If you then shut down the container, LXD does not remove the devices that were hot plugged before getting LXC to shut down the container.

This leaves it to the OS to clean up the physical device once the container’s namespace has been destroyed. This will leave the interface in the host’s namespace, but possibly with the name of the interface as it was in the container, eth1. This means that when you try and start the container again, the original name of eno2 is not there any more.

I need to discuss this issue more with @stgraber to see whether there is a solution to this or whether we just block hot plugging physical devices as you suggest.
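A host-side check for the state described in the post above, added here as an example and not part of the original post or of LXD's code: it looks for the physical port by MAC address in `ip -j link show` output and reports whether it came back under its in-container name. It assumes the MAC was recorded before the device was hot plugged; the function names and the sample data are constructed for illustration.

```python
import json

# Constructed sample of `ip -j link show` on the host after the container stopped:
# the physical port is back in the host namespace but still named eth1.
SAMPLE_IP_LINK_JSON = """
[
 {"ifindex": 1, "ifname": "lo",   "address": "00:00:00:00:00:00"},
 {"ifindex": 2, "ifname": "eno1", "address": "52:54:00:aa:bb:01"},
 {"ifindex": 3, "ifname": "eth1", "address": "52:54:00:aa:bb:02"}
]
"""

def load_links(text):
    """Parse the JSON produced by `ip -j link show`."""
    return json.loads(text)

def locate_nic(links, expected_name, mac):
    """Classify the host-side state of a physical NIC identified by its MAC."""
    mac = mac.lower()
    by_name = {l["ifname"]: l.get("address", "").lower() for l in links}
    by_mac = [l["ifname"] for l in links if l.get("address", "").lower() == mac]
    if by_name.get(expected_name) == mac:
        return ("ok", expected_name)            # name and MAC both match
    if expected_name in by_name:
        return ("conflict", expected_name)      # name is held by another device
    if len(by_mac) > 1:
        return ("ambiguous", None)              # e.g. bond members sharing a MAC
    if by_mac:
        return ("renamed", by_mac[0])           # returned under the container name
    return ("missing", None)                    # not visible in the host namespace

def recovery_commands(links, expected_name, mac):
    """Return (state, commands); commands are only proposed for the renamed case."""
    state, current = locate_nic(links, expected_name, mac)
    if state != "renamed":
        return state, []
    return state, [
        f"ip link set dev {current} down",      # rename with the link down
        f"ip link set dev {current} name {expected_name}",
        f"ip link set dev {expected_name} up",
    ]

if __name__ == "__main__":
    state, cmds = recovery_commands(load_links(SAMPLE_IP_LINK_JSON),
                                    "eno2", "52:54:00:aa:bb:02")
    print(state)
    print("\n".join(cmds))
```

The commands are printed for review rather than executed, so an operator can confirm the match before renaming anything on the host.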