I’m not really worried about it. Each LXC runs as its own user on the host, and they only have access to what they need to run each service.
If there’s an exploit found that makes that setup inherently vulnerable then a lot of people would be way more screwed than I would.
I don’t have anything publically accesible on my network (other than wireguard), but if I did I’d just put whatever it was on its own VLAN, run a wireguard server on it, and use a VPS as a reverse proxy that connects to it.
I only use unprivileged LXCs and everything I host on my network runs in its own LXC, so I’m not really worried about someone getting access to the host from there.
They definitely spent the equivalent of at least one or two laid-off employee’s salary to design a logo that’s worse than their last one.
I occasionally get this same thing, or it’ll render one frame of SDDM and then freeze on that frame, and I’ve also never been able to fix it. I’m on CachyOS with an RTX 2080.
I just bought a 7900 XTX that I’m waiting to be shipped, so I wonder if it’ll go away with an AMD GPU.
Edit: Hasn’t happened once with the AMD card, and another frequent issue I had with Vulkan was fixed too. I’m blaming nvidia.
Why would you be worried about your ISP seeing your DNS requests unless you’re using a VPN?
You could have a completely private way of running DNS requests, and then what difference would it make when they just see you connect to that address immediately afterward?
Just run docker in an LXC. That’s what I do when I have to.