[svlug] Restricting privileges

[Sarah Newman]

On 01/15/2015 02:50 AM, Ivan Sergio Borgonovo wrote:

> Few days ago when I was refreshing my memory about lxc I came across a
> page that explain how to run chrome and skype inside a lxc container.
> Since a guest on an lxc container is running on the same kernel of the
> host the video board hardware shouldn't be virtualized and since you may
> have several applications you'd prefer to run jailed, it could be a more
> convenient solution at the cost of some extra space.

Is this the post you're talking about?

https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/

That looks very interesting. Most instructions I found related to containers + UIs involved running
sshd inside the container and doing X forwarding.

There is also qubes os http://www.qubes-os.org/ but I don't think it's to the point of being a daily
driver.