Guillaume Pratte wrote:
Thanks for the change log Daniel.
Something is solliciting my curiosity though:
- privacy for guests, which will hide things from xid 1
I am not sure I am found of that "privacy" thing.
That's why it's configurable ;-)
Isn't xid 1 the monitoring context?
Yes.
Isn't supposed to be able to see everything in the system?
Well, not if you want to protect the guests from the host.
For instance, if I remember correctly, vserver-stat uses xid 1
to mesure the memory usage of each vserver...
In older versions/kernels, yeah. But that's already rather broken by design.
Maybe it's an irrational fear, but it seems to me like an invitation to
root kits... With this privacy option, how will we be able to precisely
account the memory usage of each vserver?
vserver-stat in util-vserver 0.30.213 doesn't use xid 1 anymore (if you
have a recent enough kernel that has the accounting APIs).
--
Daniel Hokka Zakrisson
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
