[EMAIL PROTECTED] ("Gregory (Grisha) Trubetskoy") writes: >> http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/distrib/misc/vprocunhide-files?rev=HEAD > > Would you consider this a pretty safe list of things to be visible in > a vserver?
It is probably too restrictive and removes too much entries. I am currently aware of only two /proc entries which are not covered by linux capabilities: sysrq-triggers and scsi. Else, I do not see a reason to hide other entries since this can destroy functionality for highly privileged vservers (e.g. VPN/firewall-setup vservers). List above is something like a proof-of-concept data for the vprocunhide script and can be overridden locally. Enrico _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver