Hi! I am new to the technology and thread. I have two basic questions, hope
you can provide some guidance.
1. UID Privilege Isolation.
~~~~~~~~~~~~~~~~~
If I understand it right, currently if a host-uid and guest-uid have the
same numerical value, they essentially have the same file access privilege.
Posting from 01/14/11 indicated that a patchset related to 'user namespace'
is in works to address this issue. Link in the LXC home/user indicated two
possible approach are being considered. I was wondering if there has been
any conclusion in this front ?
2. Guest modifying its own cgroup
~~~~~~~~~~~~~~~~~~~~~~~~
It appears that from a guest one can mount the cgroup and modify its own
constraints specified in the cgroup. Is there a way, I can prevent a guest
from doing so?
Thanks in advance for your help
-----------
Regards,
Sanjay
------------------------------------------------------------------------------
Benefiting from Server Virtualization: Beyond Initial Workload
Consolidation -- Increasing the use of server virtualization is a top
priority.Virtualization can reduce costs, simplify management, and improve
application availability and disaster protection. Learn more about boosting
the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
_______________________________________________
Lxc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lxc-users
