From: Nick Craig-Wood (ncw1_at_axis.demon.co.uk)
Date: Tue 03 Dec 2002 - 21:13:39 GMT
On Tue, Dec 03, 2002 at 02:39:35PM +0000, John Goerzen wrote:
> It's much better if it's first been in some other tree for a while --
> say the ac series. Linus trusts that sort of code more.
I don't think that AC (or any other kernel maintainer) would ever
accept the chmod 000 hack to stop chroot escapes. It's just horrid!
AC has expressed strong opinions on not modifying the current
semantics of chroot to "fix" them too as it breaks current
applications.
I think that this needs careful thought before vserver goes for the
mainline kernel. Perhaps a new system call is needed - one based on
the BSD chroot maybe but called something else?
-- Nick Craig-Wood ncw1_at_axis.demon.co.uk