Re: prevent breaking a chroot() jail?

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Fri Jul 05 2002 - 16:15:07 EST

Next message: Alan Cox: "Re: prevent breaking a chroot() jail?"
Previous message: David Wagner: "Re: prevent breaking a chroot() jail?"
In reply to: Ville Herva: "Re: prevent breaking a chroot() jail?"
Next in thread: Alan Cox: "Re: prevent breaking a chroot() jail?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> ISTR UML had some security problems (guest processes being able to disrupt
> host processes or just guest processes being able to disrupt other guest
> processes). Have those been resolved yet?

Yes

> Do people use it in production? Last I heard someone had evaluated it, it
> had ended up consuming way too much CPU per "jail" for whatever reason.
> Perhaps things are better already...

It needs some work, and probably ultimately a couple of assists to
do sigaltmm and VM style pagex
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: prevent breaking a chroot() jail?"
Previous message: David Wagner: "Re: prevent breaking a chroot() jail?"
In reply to: Ville Herva: "Re: prevent breaking a chroot() jail?"
Next in thread: Alan Cox: "Re: prevent breaking a chroot() jail?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jul 07 2002 - 22:00:16 EST