From: Alex Lyashkov (shadow_at_psoft.net)
Date: Wed 08 Oct 2003 - 13:38:21 BST
On Wednesday 08 October 2003 14:59, Rik van Riel wrote:
> On Tue, 7 Oct 2003, Alex Lyashkov wrote:
> > On Tuesday 07 October 2003 03:34, Jacques Gelinas wrote:
> > > chrootsafe
> > >
> > > This is a new system call that unlike chroot, can't be escaped.
> >
> > why don't you use a private namespace?
>
> Good question. Using CLONE_NEWNS followed by a recursive
> bind mount to hide everything else would be so much better
> than adding a new syscall.
>
Using CLONE_NEWNS causes problems with umount after sys_pivot_root - see Herbert's
post on linux-kernel@ - but if you create the namespace manually and change the namespace
for the process, the problems are absent.
-- 
With best regards,
Alex
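As an added example that is not part of this thread or of Jacques' chrootsafe patch: the sequence Rik sketches, a new mount namespace followed by a recursive bind mount and a pivot_root, carried through in C and followed by a check that the old root is really gone. It assumes a Linux kernel with unprivileged user namespaces enabled; the user namespace is this example's own addition so it runs without root (the thread discusses CLONE_NEWNS alone), and the pivot_root(".", ".") form is the one documented in pivot_root(2), which lets the old root be detached with umount2(MNT_DETACH) and no temporary directory. The names confine_in_namespace, child_confine, the return codes and the "marker" file are invented here.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Result of confine_in_namespace(): OK when the old root became unreachable,
   UNSUPPORTED when this environment refused to let us build the namespace
   (no unprivileged user namespaces, seccomp, missing /proc, ...), FAILED when
   the namespace was built but the old root was still reachable. */
enum { CONFINE_OK = 0, CONFINE_UNSUPPORTED = 1, CONFINE_FAILED = 2 };

static int write_file(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, text, strlen(text));
    close(fd);
    return n == (ssize_t)strlen(text) ? 0 : -1;
}

/* Map our real uid/gid to 0 inside the new user namespace so that mount()
   and pivot_root() are permitted there without real root. */
static int map_self_to_root(uid_t uid, gid_t gid)
{
    char buf[64];
    write_file("/proc/self/setgroups", "deny"); /* file absent on old kernels */
    snprintf(buf, sizeof buf, "0 %u 1", (unsigned)uid);
    if (write_file("/proc/self/uid_map", buf) < 0)
        return -1;
    snprintf(buf, sizeof buf, "0 %u 1", (unsigned)gid);
    return write_file("/proc/self/gid_map", buf);
}

/* Runs in the forked child. newroot is a constructed directory holding one
   file, "marker", and nothing else. */
static int child_confine(const char *newroot)
{
    uid_t uid = getuid();
    gid_t gid = getgid();

    /* 1. fresh mount namespace (plus a user namespace so this needs no root) */
    if (unshare(CLONE_NEWUSER | CLONE_NEWNS) < 0 || map_self_to_root(uid, gid) < 0)
        return CONFINE_UNSUPPORTED;
    /* 2. make every mount private so nothing propagates back to the parent */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0)
        return CONFINE_UNSUPPORTED;
    /* 3. recursive bind mount: the new root has to be a mount point itself */
    if (mount(newroot, newroot, NULL, MS_BIND | MS_REC, NULL) < 0)
        return CONFINE_UNSUPPORTED;
    /* 4. pivot_root(".", ".") stacks the old root on top of the new one; the
          lazy unmount of "." then drops the old root from this namespace */
    if (chdir(newroot) < 0 || syscall(SYS_pivot_root, ".", ".") < 0)
        return CONFINE_UNSUPPORTED;
    if (umount2(".", MNT_DETACH) < 0 || chdir("/") < 0)
        return CONFINE_UNSUPPORTED;

    /* 5. confinement checks: our marker is at "/", the host's /proc is not,
          and walking ".." from "/" never leaves the new root */
    if (access("/marker", F_OK) != 0 || access("/proc", F_OK) == 0)
        return CONFINE_FAILED;
    for (int i = 0; i < 16; i++)
        if (chdir("..") < 0)
            return CONFINE_FAILED;
    return access("marker", F_OK) == 0 ? CONFINE_OK : CONFINE_FAILED;
}

int confine_in_namespace(void)
{
    char dir[] = "/tmp/nsdemo.XXXXXX"; /* constructed scratch root */
    char marker[64];
    if (mkdtemp(dir) == NULL)
        return CONFINE_UNSUPPORTED;
    snprintf(marker, sizeof marker, "%s/marker", dir);
    int fd = open(marker, O_WRONLY | O_CREAT, 0600);
    if (fd < 0) {
        rmdir(dir);
        return CONFINE_UNSUPPORTED;
    }
    close(fd);

    int result = CONFINE_UNSUPPORTED;
    pid_t pid = fork();
    if (pid == 0)
        _exit(child_confine(dir));
    if (pid > 0) {
        int status;
        if (waitpid(pid, &status, 0) == pid && WIFEXITED(status))
            result = WEXITSTATUS(status);
    }
    unlink(marker); /* the child's namespace died with it; clean the host view */
    rmdir(dir);
    return result;
}

int main(void)
{
    static const char *names[] = { "confined", "unsupported here", "NOT confined" };
    int r = confine_in_namespace();
    printf("namespace + pivot_root: %s\n", names[r]);
    return r == CONFINE_FAILED;
}
```

The work is done in a forked child because the namespace changes are per-process and the parent keeps its normal view for cleanup. The three result codes separate "this kernel or sandbox would not let me build the namespace" from the security-relevant outcome, which is whether the old root is still reachable once the namespace exists; only the latter is reported as a failure.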