Ah. That looks years old for sure. This is a more up to date summary: https://wiki.ubuntu.com/UserNamespace
-serge Quoting sanjay ([email protected]): > Hi Serge! Thanks for your help. > > (The link I was referring in original mail: > http://lxc.sourceforge.net/index.php/about/kernel-namespaces/user/). > > Regards, > Sanjay > > > On Thu, Apr 14, 2011 at 3:19 PM, Serge Hallyn > <[email protected]>wrote: > > > Quoting sanjay ([email protected]): > > > Hi! I am new to the technology and thread. I have two basic questions, > > hope > > > you can provide some guidance. > > > > > > 1. UID Privilege Isolation. > > > ~~~~~~~~~~~~~~~~~ > > > If I understand it right, currently if a host-uid and guest-uid have the > > > same numerical value, they essentially have the same file access > > privilege. > > > Posting from 01/14/11 indicated that a patchset related to 'user > > namespace' > > > is in works to address this issue. Link in the LXC home/user indicated > > two > > > possible approach are being considered. I was wondering if there has been > > > any conclusion in this front ? > > > > I don't know what link you mean. There is a clear roadmap, there is > > plenty of work to be done. > > > > > 2. Guest modifying its own cgroup > > > ~~~~~~~~~~~~~~~~~~~~~~~~ > > > It appears that from a guest one can mount the cgroup and modify its own > > > constraints specified in the cgroup. Is there a way, I can prevent a > > guest > > > from doing so? > > > > LSM > > > > -serge > > > > > > -- > Regards, > Sanjay ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ Lxc-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lxc-users
