Some of the links shared in this post are affiliate links. If you click on the link and make a purchase, we will receive an affiliate commission at no additional cost to you.
In addition to classic VM virtualization, the Proxmox hypervisor also offers so-called LXC containers. LXC are similar to Docker containers. Instead of virtualizing a complete operating system, LXC containers share the kernel with the hypervisor. This has advantages but also disadvantages.
There are two main types of LXC containers: privileged and unprivileged containers. The main difference between these two types lies in the authorizations and security.
The main differences:
Privileged containers
- User rights:
Privileged containers run under the root user of the host system. This means that the root user within the container also has root rights on the host. - Security:
Due to the fact that root rights of the container can be extended to the host system, privileged containers pose a higher security risk. A security problem in the container could potentially jeopardize the entire host system. - Use:
Commonly used in security-insensitive environments or in scenarios where maximum performance and compatibility are required. - Compatibility:
Privileged containers tend to have fewer compatibility issues, especially with older software or software that requires special system permissions.
Unprivileged containers
- User rights:
Unprivileged containers run under a normal, non-privileged user account of the host system. Within the container, it looks as if you have root rights, but these rights are restricted to the container and have no effect on the host system. - Security:
These containers offer a higher level of security as they are protected by various kernel features such as user namespaces. An exploit within the container cannot easily gain root privileges on the host system. - Usage:
They are ideal for multi-user environments and security-conscious scenarios where isolation between the container and the host is paramount. - Compatibility:
Unprivileged containers can occasionally have compatibility issues with software that requires special system permissions. However, these problems can often be solved with additional configurations and customizations.
Summary
- Privileged containers: Higher rights, higher compatibility, but also higher security risk.
- Unprivileged containers: Restricted rights, higher security, potentially more compatibility problems.
The choice between privileged and unprivileged containers depends on the specific requirements of the environment and the security requirements. In security-critical environments, unprivileged containers are often the better choice, while in less security-critical scenarios or for special use cases, privileged containers can offer advantages.
For example NFS and CIFS mounts within the container can only be mounted if the container is privileged.
Should I use privileged or unprivileged LXC containers?
Privileged containers are a significantly higher security risk. If an attacker manages to get into the LXC container, it is quite easy to attack the Proxmox host with root privileges. It is therefore generally recommended to use only unprivileged LXC containers, which is also the standard with Proxmox.
In exceptional cases, however, it may make sense.