OpenVZ Forum: Support

Home » General » Support » Kill in HN

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Kill in HN [message #3253 is a reply to message #3206]

Thu, 18 May 2006 22:23

kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia

Senior Member

Seeing all the VPS processes (and files) and ability to do vzctl enter from the hardware node is a principle of OpenVZ. That makes VE mass management and troubleshooting possible. If something is wrong with the VPS, you can kill it from the host system.

At the same time, you are right, this is not good for security. Thus we do not recommend to run anything but the very basic stuff on the hardware node itself -- ideally, the only network port opened on hardware node is port 22, sshd. If you want to run anything else - create a VE and run it in this dedicated VE.

Kir Kolyshkin

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

[Message index]

		Kill in HN By: molliver on Wed, 17 May 2006 09:45
		Re: Kill in HN By: dev on Wed, 17 May 2006 10:37
		Re: Kill in HN By: molliver on Wed, 17 May 2006 11:17
		Re: Kill in HN By: dev on Wed, 17 May 2006 11:21
		Re: Kill in HN By: John Kelly on Wed, 17 May 2006 16:12
		Re: Kill in HN By: kir on Thu, 18 May 2006 22:23

Previous Topic:	Can't mount: No such device [SOLVED]
Next Topic:	How to Create different Distro VPS without Template metadata

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Fri Oct 11 19:10:43 GMT 2024

Total time taken to generate the page: 0.12947 seconds