I won't have any more time for this until I return from vacation at the
end of the month but after a little bit of thought I think I have fixed
all of the bugs (except arguably the return value).
I have further tweaked these and made the limits per user. Because it
occured to me that if the limi
On Tue, Jul 26, 2016 at 10:29 AM, Michael Kerrisk (man-pages)
wrote:
> On 26 July 2016 at 18:52, Kees Cook wrote:
>> On Tue, Jul 26, 2016 at 8:06 AM, Eric W. Biederman
>> wrote:
>>> "Michael Kerrisk (man-pages)" writes:
>>>
Hello Eric,
I realized I had a question after the last m
On 26 July 2016 at 18:52, Kees Cook wrote:
> On Tue, Jul 26, 2016 at 8:06 AM, Eric W. Biederman
> wrote:
>> "Michael Kerrisk (man-pages)" writes:
>>
>>> Hello Eric,
>>>
>>> I realized I had a question after the last mail.
>>>
>>> On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
This pa
On Tue, Jul 26, 2016 at 8:06 AM, Eric W. Biederman
wrote:
> "Michael Kerrisk (man-pages)" writes:
>
>> Hello Eric,
>>
>> I realized I had a question after the last mail.
>>
>> On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
>>>
>>> This patchset addresses two use cases:
>>> - Implement a sane up
"Michael Kerrisk (man-pages)" writes:
> Hello Eric,
>
> On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
>>
>> This patchset addresses two use cases:
>> - Implement a sane upper bound on the number of namespaces.
>> - Provide a way for sandboxes to limit the attack surface from
>> namespaces.
>
"Michael Kerrisk (man-pages)" writes:
> Hello Eric,
>
> I realized I had a question after the last mail.
>
> On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
>>
>> This patchset addresses two use cases:
>> - Implement a sane upper bound on the number of namespaces.
>> - Provide a way for sandboxe
Hello Eric,
I realized I had a question after the last mail.
On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
This patchset addresses two use cases:
- Implement a sane upper bound on the number of namespaces.
- Provide a way for sandboxes to limit the attack surface from
namespaces.
Can yo
Hello Eric,
On 07/21/2016 06:39 PM, Eric W. Biederman wrote:
This patchset addresses two use cases:
- Implement a sane upper bound on the number of namespaces.
- Provide a way for sandboxes to limit the attack surface from
namespaces.
The maximum sane case I can imagine is if every process i
Kees Cook writes:
> On Fri, Jul 22, 2016 at 11:45 AM, Eric W. Biederman
> wrote:
>> Colin Walters writes:
>>
>>> On Thu, Jul 21, 2016, at 12:39 PM, Eric W. Biederman wrote:
This patchset addresses two use cases:
- Implement a sane upper bound on the number of namespaces.
- P
On Fri, Jul 22, 2016 at 11:45 AM, Eric W. Biederman
wrote:
> Colin Walters writes:
>
>> On Thu, Jul 21, 2016, at 12:39 PM, Eric W. Biederman wrote:
>>>
>>> This patchset addresses two use cases:
>>> - Implement a sane upper bound on the number of namespaces.
>>> - Provide a way for sandboxes to l
Colin Walters writes:
> On Thu, Jul 21, 2016, at 12:39 PM, Eric W. Biederman wrote:
>>
>> This patchset addresses two use cases:
>> - Implement a sane upper bound on the number of namespaces.
>> - Provide a way for sandboxes to limit the attack surface from
>> namespaces.
>
> Perhaps this is o
On Thu, Jul 21, 2016, at 12:39 PM, Eric W. Biederman wrote:
>
> This patchset addresses two use cases:
> - Implement a sane upper bound on the number of namespaces.
> - Provide a way for sandboxes to limit the attack surface from
> namespaces.
Perhaps this is obvious, but since you didn't quite
This patchset addresses two use cases:
- Implement a sane upper bound on the number of namespaces.
- Provide a way for sandboxes to limit the attack surface from
namespaces.
The maximum sane case I can imagine is if every process is a fat
process, so I set the maximum number of namespaces to th
13 matches
Mail list logo
