Fyodorov "Bga" Alexander wrote:
Hi. Thanks for good program.
Whole /proc is serious security
risk for me. Why?
----
You could run rsync in a separate namespace (container)
and only mount /proc in the new namespace -- other users wouldn't
see it..
Bunch of tools 'lxc-xxxxx'
URL : http://linuxcontainers.org/
Summary : Userspace tools for the Linux kernel containers
Description :
It provides commands to create and manage containers. It contains a
full featured container with the isolation/virtualization of the pids,
the ipc, the utsname, the mount points, /proc, /sys, the network and it
takes into account the control groups. It is very light, flexible, and
provides a set of tools around the container like the monitoring with
asynchronous events notification, or the freeze of the container. This
package is useful to create Virtual Private Server, or to run isolated
applications like bash or sshd.
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
