From: Alex Lyashkov (shadow_at_psoft.net)
Date: Sat 27 Sep 2003 - 04:55:24 BST
On Friday 26 September 2003 16:41, Herbert Poetzl wrote:
> On Fri, Sep 26, 2003 at 06:25:18AM +0300, Alex Lyashkov wrote:
> > > Another problem is that 'vserver XXX enter' can not be used anymore. Or
> > > does there exist a way to enter the namespace of foreign processes?
> > > Doing the mounts on every 'enter' seems to be expensive on the first
> > > glance.
> >
> > In kernel not have parts for enter to the namaspace of foregin processes
> > but add very easy. that sample working code.
>
> thought about that, but wasn't sure it is
> required for 'visiting' processes, which
> could do with a 'wrong' namespace ...
>
> but you are right, this is obviously the
> best solution ...
Yura Kohut and I test it with available chroot exploits - it`s can`t breakable
and correctly do switching to 'new' context.
-- With best regards, Alex