Quoting sanjay (genacct...@gmail.com): > Hi! I am new to the technology and thread. I have two basic questions, hope > you can provide some guidance. > > 1. UID Privilege Isolation. > ~~~~~~~~~~~~~~~~~ > If I understand it right, currently if a host-uid and guest-uid have the > same numerical value, they essentially have the same file access privilege. > Posting from 01/14/11 indicated that a patchset related to 'user namespace' > is in works to address this issue. Link in the LXC home/user indicated two > possible approach are being considered. I was wondering if there has been > any conclusion in this front ?
I don't know what link you mean. There is a clear roadmap, there is plenty of work to be done. > 2. Guest modifying its own cgroup > ~~~~~~~~~~~~~~~~~~~~~~~~ > It appears that from a guest one can mount the cgroup and modify its own > constraints specified in the cgroup. Is there a way, I can prevent a guest > from doing so? LSM -serge ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users