* Jacques Gelinas (jackat_private) wrote:
> On Wed, 5 Dec 2001 16:58:16 -0500, Chris Wright wrote
>
> > a couple things i don't like:
> > - i personally don't like the reliance on chroot(), as it wastes disk space
> >   -- and no i don't like the vunify solution either. (also, make note...if
> >   your vserver has CAP_SYS_CHROOT, the root user in the vserver can break
> >   out).
>
> No. This has been tested. Since 2.4.10, all tests we did failed.

cool, thanks for the correction. i wasn't very clear, and meant chroot(2)
can be broken. the reason is chroot(2) does not change the cwd. but,
vserver is using chroot(1) which includes the proper chdir(2). sorry for
the confusion.

> > - i don't like that it touches ext2 and ext3 directly. this makes it
> >   brittle w.r.t. filesystems (something we specifically don't do in LSM).
>
> No way out if we want to have a workable unification with hard links.

yes, i agree. but unification has the problem of hard links, meaning all
vservers have to be in same mount point. this seems like a limitation to
me. it would be nice if read-only wasn't limited to per-superblock such
that you could effectively mount -o ro --bind. i know you didn't like the
granularity limitations of this directory based approach. of course, w/out
extended attributes you do have to jump through some hoops to get file
level granularity, and i appreciate the simplicity and effectiveness of
vserver.

cheers,
-chris

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Dec 08 2001 - 15:28:36 PST