Re: [PATCH 0/2] Fix /proc/net in presence of net namespaces

From: Pavel Emelyanov
Date: Fri Feb 29 2008 - 02:44:29 EST


>> Nack. Yet another global set of ids that require us to implement another
>> namespace looks like the wrong way to go.
>
> Sentiment granted, but I'm not sure it can be an issue. It *could* be
> an issue if we moved to a more flexible access control here where any
> netns could access the .netns/N directories for all its child
> namespaces.
>
> But it can't, and /proc/net is set by the kernel. So the <id> can't be
> an issue for any checkpoint/restart except that of the whole system, and
> of course on whole-system resume we have no <id> collision worries.
>
> So userspace can't do anything with <id>, so there is no reason to worry
> about it becoming another namespace?
>
> Right?

Right. Thanks, Serge.

> thanks,
> -serge