OpenVZ Forum: Devel » Re: Re: [RFC][PATCH 0/2] user namespace [try #2]

Home » Mailing lists » Devel » Re: Re: [RFC][PATCH 0/2] user namespace [try #2]

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Re: [RFC][PATCH 0/2] user namespace [try #2] [message #6240 is a reply to message #6080]

Tue, 12 September 2006 13:48

dev
Messages: 1693
Registered: September 2005
Location: Moscow

Senior Member

Herbert Poetzl wrote:
> On Thu, Sep 07, 2006 at 08:09:38PM +0400, Kirill Korotaev wrote:
>
>>>>imho this in acceptable for OpenVZ as makes VE files to be
>>>>inaccessiable from host. At least this is how I understand your
>>>>idea... Am I correct?
>>>>
>>>>
>>>>
>>>>>I assume the list of other things we'll need to consider includes
>>>>> signals between user namespaces
>>>>> keystore
>>>>> sys_setpriority and the like
>>>>>I might argue that all of these should be sufficiently protected
>>>>>by proper setup by userspace. Can you explain why that is not
>>>>>the case?
>>>
>>>
>>>>The same requirement (ability to send signals from host to VE)
>>>>is also applicable to signals.
>>>
>>>
>>>at some point, we tried to move all cross context
>>>signalling (from the host to the guests) into a special
>>>context, but later on we moved away from that, because
>>>it was much simpler and more intuitive to handle the
>>>signalling with a separate syscall command
>
>
>>I'm not sure what a separate context is for, but a separate syscall
>>is definetely not a good idea.
>
>
> care to explain _why_ you think so?
cause duplicating syscalls with the same meaning but just working in a bit
different situations doesn't look good.

Kirill

Report message to a moderator

[Message index]

		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: dev on Thu, 07 September 2006 15:37
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: Herbert Poetzl on Thu, 07 September 2006 15:48
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: dev on Thu, 07 September 2006 16:05
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: Herbert Poetzl on Thu, 07 September 2006 17:55
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: dev on Tue, 12 September 2006 13:48
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: Herbert Poetzl on Tue, 12 September 2006 14:07
		Re: Re: [RFC][PATCH 0/2] user namespace [try #2] By: serue on Thu, 07 September 2006 15:53

Previous Topic:	[S390] update fs3270 to use a struct pid
Next Topic:	Re: [RFC][PATCH 1/2] add user namespace [try #2]

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Wed Nov 05 08:32:35 GMT 2025

Total time taken to generate the page: 0.20133 seconds