Thanks. The reason I said it is legitimate use is that I saw people offer vserver based VDS solutions. After a closer examine, I think vserver is more suitable for host service only "jail" rather than a full featured VDS(I had one before which use uml), so mainly for internal server management(moving vserver from one machine to another is much easier).
--- Herbert Poetzl <[EMAIL PROTECTED]> wrote: > On Sat, May 28, 2005 at 04:42:04AM -0700, gary ng > wrote: > > Hi, > > > > I am testing out vserver(1.2.10 on 2.4, not ready > for > > 2.6 yet because of stability issue unrelated to > > vserver) and I am wondering what is the impact of > > giving CAP_SYS_ADMIN to it. > > well, it basically allows the vserver root to take > over the host system quite easily ... > > > Without it, I cannot mount within vserver but I > see > > mount as a legitimate use like mounting CIFS/NFS > or > > FUSE related file systems. > > no, mounting filesystems (without special security) > isn't a legitimate use on a vserver ... > > you can do that in a more secure way with 2.6/1.9.x > (but it isn't advisable anyway) > > > Oh, while I am at it, what capability is needed so > > that I can setup vpn(pptp, openvpn etc.) within > the > > you can set those things up from outside, or wait > until ngnet (2.6 only) will become more mature ... > > > vserver or it will the vserver no longer > virtual(too > > much rights so it can get out of the jail)? > > > > thanks in advance for any help. > > best, > Herbert > > > regards, > > gary > > > > PS. please CC if possible as I am not on the list > > > __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new Resources site http://smallbusiness.yahoo.com/resources/ _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver