

LXC 1.0 has been released - matteotom
http://article.gmane.org/gmane.linux.kernel.containers.lxc.devel/7154

======
mariuolo
What is the performance hit like? How does it compare to FreeBSD jails?

Specifically, is there a primer on how it handles security?

~~~
e12e
> performance hit

Should be negligible.

> compare to *bsd jails

Similar in many respects.

> primer on security

Still a little sketchy, but see:

[https://www.stgraber.org/2014/01/01/lxc-1-0-security-
feature...](https://www.stgraber.org/2014/01/01/lxc-1-0-security-features/)

[http://www.slideshare.net/jpetazzo/linux-containers-lxc-
dock...](http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-
security)

LXC uses the same kernel for all containers, so containers/hosts will always
be vulnerable to buggy syscalls.

