Traditionally, LXD is used to create system containers, light-weight virtual machines that use Linux Container features and not hardware virtualization. However, starting from LXD 3.19, it is possible to create virtual machines as well. That is, now with LXD you can create both system containers and virtual machines. In the following we see how to …
Category: security
Permanent link to this article: https://blog.simos.info/how-to-use-virtual-machines-in-lxd/
Dec 08 2019
Discussion on running X11 applications from within LXD system containers
With LXD, you can create system containers. These system containers are similar to virtual machines, while at the same time they are very lightweight. In a VM, you boot a full Linux kernel and you run your favorite Linux distribution in a virtualized environment that has a fixed disk size and dedicated allocation of RAM …
Permanent link to this article: https://blog.simos.info/discussion-on-running-x11-applications-from-within-lxd-system-containers/
Oct 28 2019
Testing CVE-2019-11043 (php-fpm security vulnerability) with LXD system containers
CVE-2019-11043 is a buffer overflow in php-fpm that under certain conditions, can lead to remote execution. There is an exploit at PHuiP-FPizdaM that targets certain nginx and php-fpm configurations. On their page, the describe how to use Docker to test this exploit. In this post, we use LXD to test the exploit and verify whether …
Permanent link to this article: https://blog.simos.info/testing-cve-2019-11043-php-fpm-security-vulnerability-with-lxd-system-containers/
Aug 30 2019
Cloud-init support in LXD container images
cloud-init is a tool to help you customize cloud images. When you launch a cloud image, you can provide to it with your cloud-init instructions, and the cloud image will execute them. In that way, you can start with a generic cloud image, and as soon as it booted up, it will be configured to …
Permanent link to this article: https://blog.simos.info/cloud-init-support-in-lxd-container-images/
Aug 28 2019
Using the LXD Kali container image
If you have a look at the list of container images for LXD (repository images:), you will notice the recent addition of the Kali container images. These were added by Re4son (@kali.org). But Kali is a security distribution, does it make sense to create system containers with Kali? LXD offers system containers, which are similar …
Permanent link to this article: https://blog.simos.info/using-the-lxd-kali-container-image/
Jan 29 2018
Checking the Ubuntu Linux kernel updates on Spectre and Meltdown
Here is the status page for the Ubuntu updates on Spectre and Meltdown. For a background on these vulnerabilities, see the Meltdown and Spectre Attacks website. In this post we are trying out the Spectre & Meltdown Checker on different versions of the stock Ubuntu Linux kernel. Trying the Spectre & Meltdown Checker before any …
Permanent link to this article: https://blog.simos.info/checking-the-ubuntu-linux-kernel-updates-on-spectre-and-meltdown/
Recent Comments