OpenVZ Forum


Home » Mailing lists » Devel » Re: Re: [RFC][PATCH 0/2] user namespace [try #2]
Re: Re: [RFC][PATCH 0/2] user namespace [try #2] [message #6072 is a reply to message #6068] Thu, 07 September 2006 16:05 Go to previous messageGo to previous message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
>>imho this in acceptable for OpenVZ as makes VE files to be
>>inaccessiable from host. At least this is how I understand your
>>idea... Am I correct?
>>
>>
>>>I assume the list of other things we'll need to consider includes
>>> signals between user namespaces
>>> keystore
>>> sys_setpriority and the like
>>>I might argue that all of these should be sufficiently protected
>>>by proper setup by userspace. Can you explain why that is not
>>>the case?
>
>
>>The same requirement (ability to send signals from host to VE)
>>is also applicable to signals.
>
>
> at some point, we tried to move all cross context
> signalling (from the host to the guests) into a special
> context, but later on we moved away from that, because
> it was much simpler and more intuitive to handle the
> signalling with a separate syscall command
I'm not sure what a separate context is for, but a separate syscall
is definetely not a good idea.

> what I want to point out here is, that things like
> sending signals across namespaces is something which
> is not required to make this work
well, people have different requirements...

Kirill

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: [S390] update fs3270 to use a struct pid
Next Topic: Re: [RFC][PATCH 1/2] add user namespace [try #2]
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Sep 19 11:19:31 GMT 2025

Total time taken to generate the page: 0.06441 seconds
Powered by FUDforum Powered by Virtuozzo Containers