Re: [Vserver] host and guest UID and GID:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

Re: [Vserver] host and guest UID and GID

From: Björn Steinbrink <B.Steinbrink_at_gmx.de>
Date: Sun 26 Mar 2006 - 14:31:39 BST
Message-ID: <20060326133139.GA2938@atjola.homenet>

On 2006.03.26 15:45:06 +0300, Nikolay Kichukov wrote:
> Hi,
> thanks for the advise, but that did not work.
> Did you mean
> chmod -R 000 /var/lib/vservers?

For sure he did not ;)
In what way did his solution not work? Anyone but root should no longer
be able to access anything in /var/lib/vservers or below. That the host
still displays bogus ownership information is by-design, you can safely
ignore that.

Simple test (on the host):
cd /
su - <user>
cd /var/lib/vservers/foo/bar

Where <user> is a user on your host that has the same uid as the user in
your vserver and 'owns' the files in 'bar'. You should not be able to
reach the files at all, if permissions on /var/lib/vservers are 000.

HTH
Björn
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Sun Mar 26 14:28:48 2006

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 26 Mar 2006 - 14:28:54 BST by hypermail 2.1.8